Loading
Feature degradation | Gmail Email delivery failureRead More
Set Up and Maintain Your Salesforce Organization
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Create or Edit a Named Credential

            You are here:

            1. Salesforce Help
            2. Docs
            3. Set Up and Maintain Your Salesforce Organization

            Create or Edit a Named Credential

            Configure a named credential to specify the URL of a callout endpoint. To specify the required authentication parameters for the callout, connect the named credential to an external credential.

            Required Editions

            Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
            Available in: all editions
            User Permissions Needed
            To view named credentials: View Setup and Configuration
            To create, edit, or delete named credentials: Manage Named Credentials or Customize Applications

            Before creating a named credential, you must create an external credential to link it to. See Create or Edit an External Credential. For an overview of the steps required to configure a named credential, see Create Named Credentials and External Credentials.

            1. From Setup, in the Quick Find box, enter Named Credentials, and then select Named Credentials.
            2. Click Named Credentials.
            3. To create a new named credential, click New. To edit an existing named credential, click its link in the list of named credentials and then click Edit.
              Note
              Note If you want to create a legacy named credential, select New Legacy from the dropdown menu instead and follow the instructions in Define a Legacy Named Credential. Legacy named credentials are no longer updated or enhanced.
            4. Complete the fields.
              FieldDescription
              Label A user-friendly name for the named credential that’s displayed in the Salesforce user interface, such as in list views.
              Name

              A unique identifier that’s used to refer to this named credential from callout definitions and through the API.

              The name can contain only underscores and alphanumeric characters. It must be unique, begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
              URL

              The URL or root URL of the callout endpoint. Must begin with https://. Can include a path but not a query string. For example:

              https://my_endpoint.example.com/secure/payroll

              You can, however, append a query string and a specific path in the callout definition’s reference to the named credential.

              For example, an Apex callout could reference the named credential “My_Payroll_System” as follows.

              HttpRequest req = new HttpRequest();
req.setEndpoint('callout:My_Payroll_System/paystubs?format=json');
              Enabled for Callouts By default, the ability to make callouts with the named credential is turned on. There are two exceptions where this field is turned off: When the named credential is created from an Apex application or when any endpoint in the named credential or its related external credential or auth identity provider is updated from an Apex application. Be aware of security considerations when enabling callouts for named credentials that originate from or are updated from Apex.
              Authentication
              External Credential The name of an external credential. See Create or Edit an External Credential.
              Client Certificate Optional. If you specify a certificate, your Salesforce org supplies it when establishing each two-way SSL connection with the external system. The certificate is used for digital signatures, which verify that requests are coming from your Salesforce org.
              Callout Options
              Generate Authorization Header

              By default, Salesforce generates an authorization header and applies it to each callout that references the named credential.

              Deselect this option only if one of the following statements applies.

              • The remote endpoint doesn’t support authorization headers.
              • You’re generating an authorization header by creating a custom header and naming it ‘Authorization’. For example, create a custom authorization header if you’re using HTTP Basic authorization. Likewise, in Apex callouts, you can have the code construct a custom authorization header for each callout.

              This option is required if you reference the named credential from an external data source. See Custom Headers and Bodies of Apex Callouts That Use Named Credentials.
              Allow Formulas in HTTP Header

              Use credential fields as formula fields in named credential custom headers, external credential custom headers, and Apex HTTP headers. For example:

              Client-ID: {!$Credential.MyExtCred.MyClientId}

              Defaults to false. See Custom Headers and Bodies of Apex Callouts That Use Named Credentials.
              Allow Formulas in HTTP Body Allow Apex to construct the callout’s HTTP body with credential fields available as formula fields. Defaults to false. See Custom Headers and Bodies of Apex Callouts That Use Named Credentials.
              Outbound Network Connection

              Use a private connection that bypasses the public internet. Enter the name of an existing outbound network connection. See Secure Cross-Cloud Integrations with Private Connect.

              If you choose this option, your new named credential has PrivateEndpoint as its type. Otherwise the named credential has a SecuredEndpoint type.
              Allowed Namespaces for Callouts

              Optional list of namespaces that identifies the managed packages that are allowed to make callouts using this named credential.

              • For managed packages, the subscriber must add the package’s namespace to a named credential’s list of allowed namespaces to enable callouts. This action isn’t necessary if the named credential is installed as part of the same package.
              • If you have multiple orgs, you can create a named credential with the same name but with a different endpoint URL in each org. You can then package and deploy—on all the orgs—one callout definition that references the shared name of those named credentials. For example, the named credential in each org can have a different endpoint URL to accommodate differences in development and production environments. If an Apex callout specifies the shared name of those named credentials, the Apex class that defines the callout can be packaged and deployed on all those orgs without programmatically checking the environment.

              Named credentials aren’t automatically added to packages. If you package an external data source or Apex code that specifies a named credential as a callout endpoint, add the named credential to the package. Alternatively, make sure that the subscriber org has a valid named credential with the same name.
            5. Click Save. You’re taken to the Named Credentials screen.
            6. Optionally, create a custom header for this named credential or edit an existing custom header. See Create and Edit Custom Headers.

            To reference a named credential from a callout definition, use the named credential URL. A named credential URL contains the scheme callout:, the name of the named credential, and an optional path. For example: callout:My_Named_Credential/some_path.

            You can append a query string to a named credential URL. Use a question mark (?) as the separator between the named credential URL and the query string. For example: callout:My_Named_Credential/some_path?format=json.

            You’ve finished the main steps to create a named credential. Next, grant access to external credential principals and user external credentials to authorize users to make authenticated callouts.

            See Also

             
            Loading
            Salesforce Help | Article