Loading
Set Up and Maintain Your Salesforce Organization
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            What are Named Credentials?

            You are here:

            1. Salesforce Help
            2. Docs
            3. Set Up and Maintain Your Salesforce Organization

            What are Named Credentials?

            Using HTTP callouts with Apex, you can integrate Salesforce with external systems via SOAP and REST APIs. Named credentials offer a declarative and secure way to store and manage the credentials needed for HTTP callouts so that Salesforce can authenticate with external APIs.

            Required Editions

            Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
            Available in: all editions
            Note
            Note All credentials stored by this feature set are encrypted under a framework that’s consistent with other encryption frameworks on the platform. Salesforce encrypts your credentials by auto-creating org-specific keys.

            A named credential specifies the URL of a callout endpoint and its required authentication parameters in one definition. To simplify the setup of authenticated callouts, you can specify a named credential as the callout endpoint. By separating the endpoint URL and authentication from the callout definition, named credentials make callouts easy to maintain. For example, if an endpoint URL changes, you update only the named credential instead of updating your Apex code. All callouts that reference the named credential continue to work.

            Named credentials are supported in these types of callout definitions.

            • Apex callouts
            • External data sources
            • External Services

            Salesforce manages all authentication for callouts that specify a named credential as the callout endpoint. You can also skip remote site settings, which are otherwise required for callouts to external sites, for the site defined in the named credential.

            To match the requirements of the external system, named credentials support various authentication protocols, and you can set up each named credential to use an org-wide named principal or per-user authentication. A named principal applies the same credential or authentication configuration for the entire org, and per-user authentication provides access control at the individual user level.

            If you have multiple orgs, you can create a named credential with the same name but with a different endpoint URL in each org. You can then package and deploy one callout definition on all the orgs that reference the shared name of those named credentials. For example, the named credential in each org can have a different endpoint URL to accommodate differences in development and production environments. If an Apex callout specifies the shared name of those named credentials, the Apex class that defines the callout can be packaged and deployed on all those orgs without programmatically checking the environment.

            We recommend creating named and external credentials through the Salesforce UI. You can also create credentials through Metadata API, Tooling API, and Connect REST API.

            See Also

             
            Loading
            Salesforce Help | Article