Sunday, August 13, 2023

How to configure a Connected App for the OAuth 2.0 Client Credentials Flow?

With the OAuth 2.0 client credentials flow, the consumer key and consumer secret defined in the connected app are exchanged directly for an access token, so it is important to understand the security risks. With this flow enabled, any person or app that has your connected app’s consumer key and consumer secret can get an access token. Maintain security by rotating your consumer secret periodically, and change it immediately if it is compromised.

To enable the client credentials flow for your connected app:

From Setup, in the Quick Find box, enter Apps, and then select App Manager.

Find your connected app, click the Action dropdown, and then select Edit.

Under API (Enable OAuth Settings), select Enable Client Credentials Flow.

When you understand the security risks, accept the warning.

Save your changes.


Although there’s no user interaction in the client credentials flow, Salesforce still requires you to specify an execution user. By selecting an execution user, you allow Salesforce to return access tokens that act on behalf of that user.

From the connected app detail page, click Manage.

Click Edit Policies.

Under Client Credentials Flow, for Run As, click the magnifying glass icon and find the user that you want to assign to the client credentials flow.
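Once the flow is enabled and a Run As user is set, the app exchanges the consumer key and secret at the org's token endpoint. The following is an added example (not from the original post) of that exchange in Python; the environment variable names SF_MY_DOMAIN, SF_CONSUMER_KEY and SF_CONSUMER_SECRET are assumed, and the secret is read from the environment rather than hard-coded so it can be rotated without a code change.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request


def build_token_request(my_domain, client_id, client_secret):
    """Build the POST that exchanges the consumer key/secret for an access token."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode()
    return urllib.request.Request(
        f"https://{my_domain}/services/oauth2/token",  # token endpoint under My Domain
        data=body,
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def parse_token_response(raw):
    """Return the token fields, or raise if Salesforce answered with an OAuth error."""
    data = json.loads(raw)
    if "error" in data:
        raise RuntimeError(f"{data['error']}: {data.get('error_description', '')}")
    # API calls go to instance_url; the token acts as the connected app's Run As user.
    return {k: data[k] for k in ("access_token", "instance_url", "token_type")}


def fetch_access_token():
    """Read the credentials from the environment and perform the exchange (needs network)."""
    req = build_token_request(
        os.environ["SF_MY_DOMAIN"],  # assumed variable, e.g. yourorg.my.salesforce.com (placeholder)
        os.environ["SF_CONSUMER_KEY"],  # assumed variable: consumer key from the connected app
        os.environ["SF_CONSUMER_SECRET"],  # assumed variable: consumer secret, kept out of source
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return parse_token_response(resp.read())
    except urllib.error.HTTPError as exc:
        # Salesforce returns OAuth errors as a JSON body with a 4xx status.
        return parse_token_response(exc.read())


if __name__ == "__main__":
    print(json.dumps(fetch_access_token(), indent=2))
```

If the exchange fails with an OAuth error such as invalid_client, treat it as a signal that the consumer secret was rotated or the Run As assignment is missing, and check the connected app's policies before retrying.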


1 comment:

  1. Very Useful! Previously, I struggled quite a bit. But the guide has finally solved my problem.