Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Initiate the Authorize Endpoint for a Disassociated External Client App

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Initiate the Authorize Endpoint for a Disassociated External Client App

            After the disassociated org metadata is configured with its own global settings file, initiate an OAuth flow to acquire an access token.

            After the existing linked org metadata is updated to include its own global settings file, initiate an OAuth flow to acquire an access token. These steps are similar to the OAuth 2.0 Web Server Flow for Web App Integration.

            1. Copy the consumerKey from the global settings file. This value only exists in the global settings file after you deploy and retrieve the External Client App OAuth settings.
            2. Paste the org’s URL and the consumer key into this URL in place of <org url> and <consumerKey>.
              <new org url>/services/oauth2/authorize?response_type=
code&client_id=<consumerKey>& redirect_uri=https://www.example.com
            3. To initiate the request for access, open the URL in a browser.
              Before Salesforce provides authorization codes, the authenticating users are asked to log in to Salesforce.
            4. Sign in with the new org’s credentials.
              After a successful login, Salesforce redirects users to the approval page to grant access to the app. If users previously approved access, it isn’t necessary to approve access again.
            5. To grant access, choose Allow.
              You’re redirected, and an authorization code is included in the URL.
            6. Copy the authorization code from the URL in the browser.
            7. Decode the authorization code using any URL decoder.
            8. Copy the decoded authorization code.
            9. Replace these values in the cURL request.
              • Replace <new org url> with the org’s URL.
              • Replace <authorization code> with the decoded authorization code from step 6.
              • Replace <clientKey> with the consumerKey field value from the global OAuth settings file.
              • Replace <clientSecret> with the consumerSecret field value from the global OAuth settings file.

              curl -X POST <new org url>/services/oauth2/token -d 'grant_type=authorization_code&code=<authorization code>&client_id=<clientKey>&client_secret=<clientSecret>&redirect_uri=https://www.example.com' | json_pp

            10. Run the configured cUrl request in a terminal.
              A successful request returns an access token.
            11. Verify that the access token works using Postman. Try accessing the UserInfo endpoint.
             
            Loading
            Salesforce Help | Article