Set Up OAuth Flows
External Client Apps support several OAuth flows. These flows allow the third-party application to access protected resources on Salesforce.
Determine which flow to enable and set the basic OAuth flow configurations. For detailed descriptions of OAuth flows, see OAuth Authorization Flows.
- Configure a Client Credentials Flow
To share information between two applications without any input from a user, use the OAuth 2.0 client credentials flow. In this flow, the client app exchanges its client credentials that are defined in the external client app for an access token. For this flow, you must specify an integration user to run the integration.
- Configure a Code and Credentials Flow
The Code and Credentials Flow is the foundation of headless login, registration, passwordless login, and guest user identity. Before setting up these features, enable the Code and Credentials Flow at an org-wide level and configure these required settings and access policies for your external client app.
- Configure a Device Flow
To integrate apps that run on devices with limited input or display capabilities, such as smart TVs, appliances, and other internet of things (IoT) devices, configure the Global OAuth Settings to include a device code, and enable the OAuth 2.0 device flow. Command-line apps can use this flow as well. Users can connect these apps to Salesforce by accessing a browser on a device with more advanced input capabilities, such as a desktop or mobile device.
- Configure a JWT Bearer Flow
External client apps can support OAuth 2.0 JSON Web Token (JWT) bearer flows using the certificate field in the global OAuth settings file. A JWT flow authorizes servers to access data without interactively logging in each time the servers exchange information.
- Configure a Web Server Flow
To integrate an external web app with the Salesforce API, configure an external client app to use the OAuth 2.0 web server flow, which implements the OAuth 2.0 authorization code grant type.

