You need to sign in to do that
Don't have an account?
Possible Security Issue? (keeping SessionId alive)
Hi,
our company would like to integrate with SFDC. Basically, we want to synchronize Leads/Contacts & Response data (hourly) between SFDC and our System.
The process involves following steps in Salesforce:
-) User selects/defines a list of contacts/leads
-) User clicks "sync"
-> By clicking on "sync", an asynchronous job (@future (callout=true)) will be created, which receives the User.getSessionId() as parameter
The job would run like every hour, therefore the sessionid should be kept alive.
-> Is this a potential security issue, or not best practice?
Or is there a better solution for this issue?
We also thought of using a OAuth1.0 workflow, where the user authenticates with Salesforce within our application. But there again, is the issue of keeping the sessionid alive -> we would have to make frequent calls to the SF API in order to keep the sessionid alive.
-> Please correct me if I am wrong.
Does someone know of a better approach?
Thanks,
Patrick
Thiis solution may fail at one point of time cause there is a • No more than 10 method calls per Apex invocation Limit.
Also
Salesforce imposes a limit on the number of future method invocations: 200 method calls per full Salesforce user
license, Salesforce Platform user license, or Force.com - One App user license, per 24 hours. This is an organization-wide
limit.
Hi,
thanks for your answer.
We already figured out another way.
- Patrick