Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Configure an OAuth 2.0 Device Flow for External Client Apps

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Configure an OAuth 2.0 Device Flow for External Client Apps

            Configure the Global OAuth Settings to include a device code, and enable the OAuth 2.0 device flow. OAuth 2.0 device flows integrate apps that run on devices with limited input or display capabilities, such as smart TVs, appliances, and other internet of things (IoT) devices. Command-line apps can also use this flow. Users can connect these apps to Salesforce by accessing a browser on a device with more advanced input capabilities, such as a desktop or mobile device.

            Required Editions

            User Permissions Needed
            To view all external client apps, view their settings, and edit their OAuth policies file View all External Client Apps, view their settings, and edit their policies

            To enable or disable an external client app plugin, you must first deploy an external client app on your Salesforce org. Deploy an External Client App That References the Source Org’s Global OAuth Settings File, or Deploy an External Client App with a New Global OAuth Settings File.

            This process is similar to the OAuth 2.0 Device Flow for IoT Integration.

            1. Open the external client app global OAuth settings file.
            2. Set the isDeviceFlowEnabled field to true, and save the file.
            3. Use a cURL request to get a device code.
              curl -X POST <org URL>/services/oauth2/token -d 'response_type=device_code&client_id=3MVG9AOp4kbriZOLTqSCO6pgdL3iEegchEYYc74zsqfvJuyTC1xy4IQiPAv_mU0rtwXKJt73Seybuvhj8Jrws&redirect_uri=https://www.example.com' | json_pp

              This call returns a verification URL, a user code, and a device code.

            4. Visit the verification URL on a computer or mobile device, and enter the user code.
            5. Use the device code to complete the flow using a cURL request. 
              curl -X POST <org URL>/services/oauth2/token -d 'grant_type=device&client_id=3MVG9AOp4kbriZOLTqSCO6pgdL3iEegchEYYc74zsqfvJuyTC1xy4IQiPAv_mU0rtwXKJt73Seybuvhj8Jrws&code=<device code>' | json_pp

              The response includes a bearer token. Use this token to authorize in other flows.

             
            Loading
            Salesforce Help | Article