function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

How to ensure that a request is coming from SalesForce?

I want to send a request to a site outside SalesForce. Is there a way to put something in the request param so that the accepting server will know that the request is a vaild request and coming from SalesForce. How do I do this?
We use a IP filter on our external facing router along with a dns redirection..  It works like this.. points to your private ip address.. Your router firewall checks that the incoming traffic to is in the trusted ip range, and allows the packet to pass to the machine which fullfulls the service.. You will want to use a SSL if you are really interested in security..
You can should also match your organization id at runtime, as this should not be public information and will provide an additional layer of secuirty..
Best of Luck..
HTTP sniffers can fake your request to come from salesforce ip range. How do u handle those kind fo requests?
use SSL, check the IP address.
Hi simon

Thanks for the reply. Who will provide me with the IP-Range? So what is a good practise.

1. Configure the router to accept requests only from a certain SalesForce IP Range only with https(SSL) protocol
2. Check for the ip address in my code.