You need to sign in to do that
Don't have an account?
Sunny_Slp
Authentication and Outbound message
Hi everyone,
I'm trying to integrate SFDC to an external system using outbound messages, The external system's security policy requires some sort of authentication. Is it possible to authenticate with an outbound message?
more specifically, can we include HTTP basic or Digest access authentication headers with an outbound message? or if there are other ways to authenticate an outbound message can someone please provide the details.
Any help will be greatly apperciated.
Thank you,
Sunny_Slp
No , as the outbound is configure only , SFDC do not have any provision to manipulate HTTP header with it.
Thanks,
Dinesh
Please accept the reply as a solution if it solves your query for the other people to use.
All Answers
Hi Sunny,
This is a classic requirement.
Based on your requirement you can implement the authentication in many ways .
1. Allow your listener to accept message only from SFDC Ip ranges
- 204.14.232.64 to 204.14.232.79
- 204.14.234.64 to 204.14.234.79
2. With the Out bound , you get the SFDC ORD ID , you can validate the same in the Oubound message.
3. You can include the SFDC session Id with the Out bound message and from the listener can validate the session .
The best way will be to implement two way SSL/TLS in the listener server side, so that it validate the SFDC client certificate.
You can download the Client certificate from Setup ➤ Develop ➤ APIlocation.
Thanks and Regards,
Dinesh Nasipuri
dinesh.nasipuri@gmail.com
Hi Nasipuri,
We meet again :) thanks for your reply.
In addition to two-way SSL, is it possible to include HTTP headers in an outbound message (as with Apex callouts)?
No , as the outbound is configure only , SFDC do not have any provision to manipulate HTTP header with it.
Thanks,
Dinesh
Please accept the reply as a solution if it solves your query for the other people to use.
Thank you
Hi Dinesh
Kindly let me know is it possible to implement the outbound messaging between two salesforce organaizations, if it is possible how to authenticate the other organaization, kindly provide the example or URL if any.
Thanks
Narendhar