Prepare for the Salesforce-Managed X (Formerly Twitter) Authentication Provider Retirement

Complete all steps in a sandbox before applying them in production.

Prerequisite: To get a list of authentication providers that are affected by this retirement, run a SOQL query using your preferred tool, such as the Salesforce Developer Console.
If you aren’t familiar with running SOQL queries, here’s a quick guide to using the Developer Console.

1. Click the quick access menu [insert Setup gear icon], then click Developer Console.

2. Click File > Open Resource.

3. In the search bar, enter AuthProvider. Select AuthProvider.obj and click Open.

In the Query Editor at the bottom of the window, paste this SOQL query and click Execute.

SELECT FriendlyName FROM AuthProvider WHERE ProviderType = 'Twitter' AND ConsumerKey = null AND OptionsIsEmi = false

The query returns a list of all authentication providers that are affected by this retirement. 

Complete the next five steps for all authentication providers that are returned as a result of this query. 

Note: These steps reflect the X developer portal at the time that this article was written. For the most up-to-date information, see the X developer documentation at https://docs.x.com/overview. 

Step 1: Create an X App and Generate an API Key and API Key Secret

1. If you don’t have an X developer account, sign up for one from the X Developer Portal.

2. In the X Developer Portal, click Projects & Apps. 

3. If you don’t have a project already, on the Projects and Apps page, click New Project.

   1. NOTE: The X developer portal allows you to have only one project at a time. For more information, see https://docs.x.com/fundamentals/projects. 

4. In the project, click Add App.

5. Enter a name for your app.

6. Note the API Key and API Key Secret.

Step 2: Update Your Authentication Provider Configuration

1. Go to your Salesforce org.

2. From Setup, in the Quick Find box, enter Auth, and then select Auth. Providers.

3. Find the auth provider that you want to update and click Edit.

4. For Consumer Key, enter the API Key from your X app.

5. For Consumer Secret, enter the API Key Secret from your X app.

6. Save your changes.

7. Copy the callback URL generated by Salesforce.

   1. If you use the provider for employees logging in to your org, copy the callback URL that’s directly under Salesforce Configuration.

   2. If you use the provider for Experience Cloud sites, copy the callback URL in the Experience Cloud Sites section.

Step 3: Update Your X App to Use the Salesforce Callback URL

1. In the X developer portal, go to your app.

2. Under User authentication settings, click Set up.

3. For the app permissions, select Read.

4. For the app type, select Web App, Automated App, or Bot.

5. In the App Info section, update the Callback URI / Redirect URL field to use the Salesforce callback URL that was generated when you saved your authentication provider.

6. Add a website URL and complete the remaining App info as needed.

7. Save your changes.

Note: X generates a client ID and client secret when you save the app. You can ignore those values—your Salesforce configuration uses the API key and API key secret instead.

Step 5: Test SSO Login

To test the SSO connection, take these steps.

1. From Setup, in the Quick Find box, enter Auth, and then select Auth. Providers.

1. Click on your authentication provider.

2. In a new browser window, go to the Test-Only Initialization URL. If the SSO connection is working correctly, you see a list of attributes. 
   
   

To test the end-to-end SSO login flow, go to your My Domain or Experience Cloud login page and log in using the X authentication provider.