• Yuval Levy
When using Salesforce as an external/third party Identity Provider, a Salesforce Connected App can initiate user authentication by using "Username-Password OAuth Authentication Flow (https://www.salesforce.com/us/developer/docs/api_rest/Content/intro_understanding_username_password_oauth_flow.htm)".

If the authenticated user was not assigned the privilege to use the calling Connected App, will the authentication fail? (I assume it should, I need to validate this assumption).

 
I'm new to Salesforce and trying to implement an SSO where Salesforce is the IDP and an external Web Application is a Service Provider.

I'm trying to follow the Digging Deeper into OAuth 2.0 on Force.com (https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_at_Salesforce.com) the "Obtaining an Access Token in a Web Application (Web Server Flow)" scenario.

I defined a domain and a connected app that is set up to use OAuth. I got the secret, the client id, etc.

When the Connected App is launched, it properly opens a new browser tab and calls the Start URL.

I expected to see a URL that contains code parameters (similar to https://mydomain.com:8443/myExternalApp?code=xxxxxxxxx)

but there is no such code or any other SSO-related information that I can use to authenticate the user.


What am I missing? Is it wrong to expect to get the code? Is there any setting that I may have overlooked?

Any tip will be greatly appreciated.

Thanks,
Yuval

The Connected App View