Yuval Levy

OAuth settings - not getting the code

I'm new to Salesforce and trying to implement an SSO where Salesforce is the IDP and an external Web Application is a Service Provider.

I'm trying to follow the "Obtaining an Access Token in a Web Application (Web Server Flow)" scenario from Digging Deeper into OAuth 2.0 on Force.com (https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_at_Salesforce.com).

I defined a domain and a connected app that is set up to use OAuth; I got the secret, the client id, etc.

When the Connected App is launched, it properly opens a new browser tab and calls the Start URL.

I expected to see a URL that contains code parameters (similar to https://mydomain.com:8443/myExternalApp?code=xxxxxxxxx)

but there is no such code or any other SSO-related information that I can use to authenticate the user.


What am I missing? Is it wrong to expect to get the code? Is there any setting that I may have overlooked?

Any tip will be greatly appreciated.

Thanks,
Yuval

[Image: The Connected App View]
benedwards44
I think this image sums up nicely how OAuth Web-Authentication Flow should work:
[Image: OAuth Web Flow]

Basically, when the user lands on your web page, they should click a "Login" button which redirects them to the Salesforce login page. Your web app would direct them to the Salesforce login screen, using the credentials you set up in your Connected App. For example:
  1. User lands on your web page and clicks "Login". Your web page redirects to "https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id={{ CONSUMER_KEY }}&redirect_uri={{ REDIRECT_URI }}". Note: Sandboxes should be test.salesforce.com, whereas Production is login.salesforce.com. You might need to provide an option to the user if there is a chance you will need to access sandboxes and production environments.
  2. User hits Salesforce login. They enter their details and click login.
  3. User is redirected back to the redirect_uri set in your Connected App (which should point back to a URI for your webpage). This response includes a code value in the URI.
  4. Your web page then uses this code value to make a POST request to Salesforce to obtain the actual access_token to use for access to the user's Org.
This page here:
https://www.salesforce.com/us/developer/docs/api_rest/Content/intro_understanding_web_server_oauth_flow.htm

documents more clearly what I've described above.
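
The four steps in the answer above as a runnable sketch; this is an added example, not code from the thread or from Salesforce. The consumer key, secret and code values are constructed placeholders, and the `state` parameter (standard OAuth 2.0, not mentioned in the thread) is an addition so the callback can be tied to the browser session that started the login.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# All values below are constructed placeholders, not real credentials.
LOGIN_HOST = "https://login.salesforce.com"  # test.salesforce.com for sandboxes
CONSUMER_KEY = "EXAMPLE_CONSUMER_KEY"
CONSUMER_SECRET = "EXAMPLE_CONSUMER_SECRET"
REDIRECT_URI = "https://mydomain.com:8443/myExternalApp"


def new_state():
    """Random per-session value; store it server-side before redirecting."""
    return secrets.token_urlsafe(32)


def build_authorize_url(state):
    """Step 1: the URL the "Login" button sends the browser to."""
    query = urlencode({
        "response_type": "code",
        "client_id": CONSUMER_KEY,
        "redirect_uri": REDIRECT_URI,  # must match the Connected App callback
        "state": state,                # echoed back unchanged in step 3
    })
    return f"{LOGIN_HOST}/services/oauth2/authorize?{query}"


def extract_code(callback_url, expected_state):
    """Step 3: pull `code` from the callback URL, rejecting bad responses."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    if "code" not in params:
        raise ValueError("no code parameter in callback")
    returned = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means a forged or stale callback.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    return params["code"][0]


def build_token_request(code):
    """Step 4: endpoint and form body for the server-side POST (not sent)."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": CONSUMER_KEY,
        "client_secret": CONSUMER_SECRET,  # stays on the server, never in the browser
        "redirect_uri": REDIRECT_URI,
    })
    return f"{LOGIN_HOST}/services/oauth2/token", body
```

A page that is opened without first going through the step 1 redirect, as in the original question, reaches `extract_code` with no query string and is rejected with "no code parameter in callback".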
Yuval Levy
Thank you for your response, it helped me to crystallize my question.

The above assumes that the user is going directly to my web app landing page and then he is redirected to the login.

Now, what if the user already logged into Salesforce before, worked on other pages or apps for an hour, and only then initiates my connected app? Will he be redirected to the login page again? Will he need to provide credentials again (in step 1 in the diagram above) or will his browser automatically skip this step?

Thanks so much for your input and highlights.
Yuval
Yuval Levy
Resolved,

I had a misconception, thinking that if the user was already logged in, I can skip redirecting him to the login page.

If the user is already logged in, he will immediately be redirected to approve redirection to the application, but he will not need to re-enter his credentials.

Once he does it, he is redirected back to the Web App with a URL that includes the code.

Thanks,
Yuval