The problem that I am running into is that we have thousands of subdomains( recipies.company.com, sql.company.com, help.company.com, etc) and it seems that the SF OAuth 2.0 implementation makes it a requirement that the callback URL match exactly to the URL that we assigned during creation of our remote access token. (Configuring OAuth 2.0 Access for your Application section of the Force.com article).
With that requirement and our many subdomains it seems that we would have to create a remote access token for each subdomain because of the check that is made to be sure that the calling URL matches exactly to the callback URL in the remote access token. I would love to give our subdomain accounts the ability to integrate with SF without having to manually create a remote access token - much less thousands of them.
Is there a way to get around the request_uri and callback url check?
The problem that I am running into is that we have thousands of subdomains( recipies.company.com, sql.company.com, help.company.com, etc) and it seems that the SF OAuth 2.0 implementation makes it a requirement that the callback URL match exactly to the URL that we assigned during creation of our remote access token. (Configuring OAuth 2.0 Access for your Application section of the Force.com article).
With that requirement and our many subdomains it seems that we would have to create a remote access token for each subdomain because of the check that is made to be sure that the calling URL matches exactly to the callback URL in the remote access token. I would love to give our subdomain accounts the ability to integrate with SF without having to manually create a remote access token - much less thousands of them.
Is there a way to get around the request_uri and callback url check?
I'm looking for a way to do a call to the SFDC REST API with oAuth but from my app I am not going to know the client / secret tokens.
Is this possible to do? I mean, I want to do something very simple, just like you do when you connect to the twitter API or similar. You do a request to twitter, twitter shows the login page to the user, user grants access and the app can continue working.
From my app on my server I want to access SFDC, I do an oAuth call, SFDC asks the user and password and drects back the call to my app to continue working. I don't want to have the user adding a remote site.
Is this possible to do? I did not find a ay to do it. I can connect perfectly with the SOAP web service, and if I add a remote site and create the consumer and secret tokens. But how do I connect if the user on my app may belong to any org that I do not control?
