Create or Edit a Custom Authentication External Credential
To account for web service providers that use unique headers for authentication, create an external credential that uses the Custom authentication protocol.
Required Editions
| Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience |
| Available in: all editions |
| User Permissions Needed | |
|---|---|
| To view external credentials: | View Setup and Configuration |
| To create, edit, or delete external credentials: | Manage Named Credentials or Customize Applications |
If you choose Custom as your authentication protocol, you must specify a principal, sequence
number, and authentication parameters. Each authentication parameter requires a name and value.
Authentication parameters can be used in custom headers as a formula, for example, $Credential.EC_dev_name.AuthParam_name.
- From Setup, in the Quick Find box, enter Named Credentials, and then select Named Credentials.
- Click External Credentials.
- To create a new external credential, click New. To edit an existing external credential, click its link in the list of external credentials, and then click Edit.
- Complete the fields.
Field Description Label A user-friendly name for the external credential that’s shown in the Salesforce user interface, such as in list views. Name A unique identifier that’s used to refer to this external credential from callout definitions and through the API.
The name can contain only underscores and alphanumeric characters. It must be unique, begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
Authentication Protocol Select Custom. - Save the external credential.You’re taken to the Named Credentials screen.
Create Principals for Custom Authentication
After you create an external credential that uses custom authentication, create principals for it. These principals get mapped to permission sets and profiles.
- On the Named Credentials page, click External Credential.
- Select the external credential you created.
- Scroll to Principals.
- Click New to create a principal for this external credential, or
choose Edit from the Actions menu of an existing principal. When editing an existing principal, not all the fields listed here are modifiable.
- Complete these fields.
Field Description Parameter Name Enter a name for the principal, such as Admin or Marketing Group. Sequence Number Assign a sequence number. A sequence number specifies the order of principals to apply when a user participates in more than one principal. For example, a user could be part of multiple permission sets that are applicable for a credential provider. Priority is from lower to higher numbers. Identity Type This field defaults to Named Principal and can’t be modified.
A named principal applies the same credential or authentication configuration for an entire org.
Authentication Parameters Click Add to add your own Name and Value authentication parameters.
Declaring them here alone doesn’t do anything in a callout, but you can use authentication parameters as variables in request bodies and headers in Apex, and custom headers in named and external credentials. For example:
{!$Credential.SampleCustomExternalCredential.myAuthParam} - Save the principal.You can’t modify the Principal Name and Identity Type of an existing principal. To change these parameters, delete the principal and recreate it.
Now that you created the external credential and its principal, it’s time to create the connected name credential. See Create or Edit a Named Credential. For an overview of all of the steps required to configure a named credential, see Create Named Credentials and External Credentials.
