• PatrickV
  • NEWBIE
  • 0 Points
  • Member since 2012

  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 1
    Replies

Hi,

 

our company would like to integrate with SFDC. Basically, we want to synchronize Leads/Contacts & Response data (hourly) between SFDC and our System. 

The process involves following steps in Salesforce: 
-) User selects/defines a list of contacts/leads 
-) User clicks "sync" 

-> By clicking on "sync", an asynchronous job (@future (callout=true)) will be created, which receives the User.getSessionId() as parameter 

The job would run like every hour, therefore the sessionid should be kept alive. 
-> Is this a potential security issue, or not best practice? 

Or is there a better solution for this issue? 

We also thought of using a OAuth1.0 workflow, where the user authenticates with Salesforce within our application. But there again, is the issue of keeping the sessionid alive -> we would have to make frequent calls to the SF API in order to keep the sessionid alive. 
-> Please correct me if I am wrong.

 

Does someone know of a better approach?

 

Thanks,

Patrick

Hi,

 

our company would like to integrate with SFDC. Basically, we want to synchronize Leads/Contacts & Response data (hourly) between SFDC and our System. 

The process involves following steps in Salesforce: 
-) User selects/defines a list of contacts/leads 
-) User clicks "sync" 

-> By clicking on "sync", an asynchronous job (@future (callout=true)) will be created, which receives the User.getSessionId() as parameter 

The job would run like every hour, therefore the sessionid should be kept alive. 
-> Is this a potential security issue, or not best practice? 

Or is there a better solution for this issue? 

We also thought of using a OAuth1.0 workflow, where the user authenticates with Salesforce within our application. But there again, is the issue of keeping the sessionid alive -> we would have to make frequent calls to the SF API in order to keep the sessionid alive. 
-> Please correct me if I am wrong.

 

Does someone know of a better approach?

 

Thanks,

Patrick