function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
MaverickDevMaverickDev 

Authentication in external app from SF

I've an my external application hosted on different server and I wish to authenticate users which are already registered withmy application.

 

For that, I have a web service where which gives me a key once I pass the username and password.

Based on that key, my  application perform operations for respective user. (every user has assigned with unique key withexpiry date)

How I can do following stuff?

1. Let the user login only once to my app via SF platform when user installs my app to his SF account

2.  Keep key in users SF account, so I can use the key to authenticate valid user everytime against my app

3. everytime user tried to access my app in SF it should pass  key everytime

 

Where I can get the best article with sample code to achieve above stuff? 

Any help would be highly appreciated.

AmitSahuAmitSahu

Are you talking something about the Single-sign-on ?

sfdcfoxsfdcfox

http://wiki.developerforce.com/page/Secure_Coding_Guideline

 

1) Use Crypto class to generate unique key for encryption, store keys in protected custom settings.

2) You can code the logic to "login once" and "store key" that should be sent each time; use Visualforce and Apex Code to accomplish this goal.

MaverickDevMaverickDev

Thanks @j020!!
That is the point ( SSO) where I am unable to make decision what exactly to use for my requirement, even if I'm going thru lot of articles?!!

My requirements are simple as mentioned above, but in future I may wish to push data back and forth (i.e. my org. contacts to SF contacts and Vice-Versa) using SF.

Can you give me in-sight for the same?

MaverickDevMaverickDev

Thanks sfdcfox!!

That is what I'm trying to implement for my app. But was confused regarding implementing this scenario OR SSO mentioned by j020!

Also, If I go with flow which you have suggested that should work fine for login. Can you suggest me any article/example link where I can check login once flow?