Create a Local External Client App with Metadata API

After you create a Salesforce DX project, configure the project to create a local external client app.

1. Update your project configuration file called sfdx-project.json by adding your domain URL to the sfdcLoginUrl parameter.
   To find your My Domain URL, enter My Domain in the Quick Find box then click My Domain.

   {
     "packageDirectories": [
       {
         "path": "force-app",
         "default": true
       }
     ],
     "name": "myEca",
     "namespace": "",
     "sfdcLoginUrl": "https://<URL from My Domain>",
     "sourceApiVersion": "61.0"
   }

2. Add these parameters to the scratch org definition file called project-scratch-def.json.
   • In the features field, add ExternalClientApps and ExtlClntAppSecretExposeCtl.
   • In the settings field, add the externalClientAppSettings and set the enableExternalClientApps setting to true.

     "features": ["EnableSetPasswordInApi", "ExternalClientApps", "ExtlClntAppSecretExposeCtl"],
     "settings": {
       "externalClientAppSettings": {
         "enableExternalClientApps": true
       },

3. Create a package.xml manifest file in the project directory that references this type.
   • ExternalClientApplication

   <?xml version="1.0" encoding="UTF-8"?>
   <Package xmlns="http://soap.sforce.com/2006/04/metadata">
       <types>
           <members>*</members>
           <name>ExternalClientApplication</name>
       </types>
       <version>61.0</version>
   </Package>
   

4. In the <project directory>/force-app/main/default/ directory, create a directory called externalClientApps.
5. In the externalClientApps directory, create a file called [ECAPP_NAME].eca-meta.xml. For example, myeca.eca-meta.xml. This file is the header file, which is used to define the external client app.
6. Configure the [ECAPP_NAME].eca-meta.xml header file. Make sure that the distribution state is set to local, and configure the file with this information.

   Field	Description
   contactEmail	This field is required. Type: String. The email address that Salesforce uses to contact you or your support team.
   description	This field is optional. Type: String. An optional description for your app.
   distributionState	This field is required. Type: String. The distribution state of an external client app. Values can be Local or Packaged. A local external client app doesn’t operate outside an org context. Choosing the Packaged state makes the external client app 2GP packageable.
   iconUrl	This field is optional. Type: String. Reserved for future use.
   infoUrl	This field is optional. Type: String. An optional URL for a web page with more information about your app.
   label	This field is required. Type: String. The name of the app.
   logoUrl	This field is optional. Type: String. The logo appears with the app’s entry in the list of apps and on the consent page that the user sees when authenticating.
   isProtected	This field is optional. Type: Boolean. The concept of a Protected Component comes from packaging, and package developers can use this flag to control the visibility and editability of their components in subscriber orgs.
   orgScopedExternalApp	This field is generated during initial deployment. After it’s created, this field is required. Type: String. External client app unique identifier for the app and the org. Auto-generated during first deployment. Expected value: [Organization_ID]:[External Client App Name].

   This example shows an External Client App header file.

   
   <?xml version="1.0" encoding="UTF-8"?>
   <ExternalClientApplication xmlns="http://soap.sforce.com/2006/04/metadata">
       <contactEmail>johndoe@example.com</contactEmail>
       <description>Test external client app</description>
       <distributionState>Local</distributionState>
       <isProtected>false</isProtected>
       <label>myeca</label>
   </ExternalClientApplication>

• Deploy a Local External Client App
  All external client apps are created using deploy and retrieve operations in the Metadata API. After configuring the package.xml file, deploy the external client app.
• OAuth Plugin Enablement with Metadata API
  In an external client app, the package.xml manifest file references the settings and policies files for each plugin. To enable external client app plugins, configure the settings files and reference the plugin in the manifest file.
• Deploy the External Client App OAuth Plugin
  After configuring the OAuth settings file and the global OAuth settings file, deploy the changes to update the external client app.
• Verify OAuth Policy and Settings Generation
  When the OAuth Plugin is deployed, several external client app components are generated. There are a few places you can check to verify if the deployment was successful.
• Complete the OAuth Flow
  To verify that the external client app is operating correctly, perform an Authorize Endpoint request and a Token Endpoint request. The Token Endpoint request produces an API Access Token that can be used to access any Salesforce API.
• Mobile, Push Notification, or Notification Plugin Enablement with Metadata API (Beta)
  Use Metadata API to configure your external client app with mobile app settings, push notifications, or notification subscriptions.