To share information between two applications without any input from a user, use the
OAuth 2.0 client credentials flow. In this flow, the client app exchanges its client credentials
that are defined in the external client app for an access token. For this flow, you must specify
an integration user to run the integration.
Required Editions
Available in: Lightning Experience
Available in: Professional, Performance, Unlimited, and
Developer Editions
User Permissions Needed
To configure an external client app for OAuth 2.0 Client Credentials flow
Create, edit, and delete External Client Apps
To enable or disable an external client app plugin, you must first create or install an
external client app on your Salesforce org.
Note Before you set up the Client Credentials flow, it’s important to understand its security
risks. With this flow enabled, any person or app that has access to your external client
app’s consumer key and consumer secret can get an access token. Maintain security by
periodically changing your consumer secret, and if it becomes compromised, change it
immediately. See Stage, Rotate, and Delete OAuth Credentials for an External Client App.
From Setup, in the Quick Find box, enter External Client Apps
Manager, and then select External Client Apps
Manager.
From the actions dropdown list, select Edit Settings for the
external client app.
In the OAuth Settings section, select Enable OAuth.
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
