You need to sign in to do that
Don't have an account?
My website needs data
I've been using the Salesforce API to store/update leads and other information as users register on my website. Currently, my code authenticates using the login(user, pass+token) call when starting this process. It does everything as the same user whom I happen to give read/write permissions to my enterprise's data.
I remember seeing something about API keys and wonder if there is a better way. Can I exchange certificates or some other form of mutual authentication so that my app does not have to "log in" as a user?
I'm looking at a situation where a partner is going to have to access some of this data and would like to give him an API key which can be revoked later, but I don't want to give him my user/pass and I don't want to create a new salesforce user for him.
Ideas?
I'd suggest looking into our implementation of oauth2. Search for "remote access" in our online help.