SlideShare a Scribd company logo

Deep dive into salesforce connected app part 1

Download as PPTX, PDF
Mohith Shrivastava, profile picture
Mohith Shrivastava

The document provides an overview of Salesforce Connected Apps, detailing their framework for integrating external applications with Salesforce through APIs and security protocols like OAuth and SAML. It outlines authentication and authorization processes, the roles of connected app developers and admins, and key considerations for deploying connected apps. Additionally, it discusses the implications of forward-looking statements regarding Salesforce's business performance and market conditions.

Technology
1 of 14
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Deep Dive into Salesforce Connected App - Part 1 @msrivastav13 | mohith.shrivastava@salesforce.com Mohith Shrivastava, Lead Developer Evangelist
Forward-Looking Statement Statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, the one-time accounting non-cash charge that was incurred in connection with the Salesforce.org combination; stock- based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth and sustainability goals. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements we make. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with new data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within the company's strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies, including delays related to the integration of Tableau due to regulatory review by the United Kingdom Competition and Markets Authority; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility, term loan and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at www.salesforce.com/investor. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.
Agenda ● What is a Connected App? ● Authentication vs Authorization ● Single Sign-On(SSO) , SAML 2.0 ● Connected App Use Cases ● Demo ● Connected App Developers vs Connected App Admins ● Access Data with API Integrations ● Key Considerations when deploying Connected Apps ● References
A connected app is a framework that enables an external application to integrate with Salesforce using APIs and standard protocols, such as Security Assertion Markup Language (SAML), OAuth, and OpenID Connect. ● For example, when you log in to your Salesforce mobile app and see your data from your Salesforce org, you’re using a connected app. ● Salesforce CLI leverages connected app when you connect your CLI to the Salesforce ● Salesforce Workbench leverages connected app to authenticate and authorize to Salesforce What is a Connected App?
Authentication ● A user provides an identifier to signify the account they wish to access and enters login credential for the account. ● Credentials provided by the user are validated against credentials previously registered during user provisioning. Authentication vs Authorization Authorization ● When a user account is created in salesforce, it is often necessary to specify what the account can do and the privilege it has. ● Example account can access data via web, Access and Manage your data
OAuth 2.0 ● It is a protocol that provides authorization solution. ● Enables an app to call an api on its own behalf or users behalf and the call is constrained to the scope of an authorized request. ● Salesforce also adds authentication elements.
1. You open the Salesforce mobile app. 2. An authentication prompt displays, in which you enter your username and password. 3. The Salesforce mobile app sends your credentials to Salesforce and initiates the OAuth authorization flow. 4. Salesforce sends the mobile app access and refresh tokens as confirmation of a successful validation of the user and the mobile app. 5. You approve the request to grant access to the Salesforce mobile app. 6. The Salesforce mobile app starts. OAuth 2.0
SSO and SAML 2.0 SSO ● Single Sign-on (SSO) is the ability to log in once and then access additional protected resources or application with the same authentication requirements, without requiring one to re enter credentials ● Identity Provider - A trusted service that enables users to access other external applications without logging in again. ● Service Provider - A service that accepts identity on behalf of the external application from an identity provider. SAML 2.0 ● SAML is an XML-based framework for exchanging security information between business partners ● SAML enables apps to delegate authentication to Identify Provider. ● Identify provider authenticates and returns an assertion with details of user and the authentication event
● Access Data with API Integration ● Integrate other Service Providers within your Salesforce org ● Manage Access to third party apps ● Provide Authorization For External API Gateways Connected App Use Cases
Creating Connected Application Demo
Connected App Developer vs Admin Connected App Developer ● A connected app developer is a Salesforce developer or ISV who builds API integrations or external apps that can access Salesforce data as a connected app. ● As a developer, you can build a connected app for your org, but other Salesforce orgs can install and use it too. Connected App Admin ● Install, Uninstall, Block connected apps from the Salesforce org. ● Explicitly defining who can use the connected apps and where they can access the apps from. ● Add Permissions and Profiles and IP Relaxation
● Deploying Connected apps metadata You cannot set the consumerKey in Metadata API. It is included in a retrieve operation for informational purposes. If you try to move the connected app to another org, you must remove the consumerKey from the .zip file before the deployment to an org. A new key will be generated in the destination org. Mobile settings of connected apps are not supported in change sets and must be manually migrated. You cannot add Connected App metadata to Unmanaged Package or Unlocked Package Key Considerations when deploying connected apps
Connected Apps https://help.salesforce.com/articleView?id=connected_app_overview.htm&type=5 Authorize Apps with OAuth https://help.salesforce.com/articleView?id=remoteaccess_authenticate.htm&type=5 Connected Apps Basics Trailhead Module https://trailhead.salesforce.com/en/content/learn/modules/connected-app-basics Creating a Connected App Unit https://trailhead.salesforce.com/en/content/learn/projects/build-a-connected-app-for-api-integration/create-a- connected-app References
Deep dive into salesforce connected app part 1

More Related Content

PPTX
Introduction to Salesforce Connected Apps
Cloud Analogy
 
PDF
Two-Way Integration with Writable External Objects
Salesforce Developers
 
PPTX
Salesforce integration best practices columbus meetup
MuleSoft Meetup
 
PDF
Introduction to the Salesforce Security Model
Salesforce Developers
 
PDF
Secure Salesforce: External App Integrations
Salesforce Developers
 
PPTX
Org dependent salesforce packages
Mohith Shrivastava
 
PPTX
OAuth with Salesforce - Demystified
Calvin Noronha
 
PDF
Sales Cloud Best Practices
Sales Support Systematics Sp. z o.o.
 
Introduction to Salesforce Connected Apps
Cloud Analogy
 
Two-Way Integration with Writable External Objects
Salesforce Developers
 
Salesforce integration best practices columbus meetup
MuleSoft Meetup
 
Introduction to the Salesforce Security Model
Salesforce Developers
 
Secure Salesforce: External App Integrations
Salesforce Developers
 
Org dependent salesforce packages
Mohith Shrivastava
 
OAuth with Salesforce - Demystified
Calvin Noronha
 
Sales Cloud Best Practices
Sales Support Systematics Sp. z o.o.
 

What's hot (20)

PDF
Enterprise Integration - Solution Patterns From the Field
Salesforce Developers
 
PPTX
Introduction to Apex for Developers
Salesforce Developers
 
PDF
First Steps to Salesforce Release Management & DevOps [Salesforce User Group,...
Anna Loughnan Colquhoun
 
PPTX
How to Use Salesforce Platform Events to Help With Salesforce Limits
Roy Gilad
 
PPTX
Episode 10 - External Services in Salesforce
Jitendra Zaa
 
PPTX
Integration using Salesforce Canvas
Dhanik Sahni
 
PDF
Getting started with Salesforce security
Salesforce Admins
 
PPT
Salesforce Traning Adm 201
plug2learn
 
PPTX
Salesforce Online Training
Keylabs
 
PPTX
Deep dive into Salesforce Connected App
Dhanik Sahni
 
PPTX
Salesforce Integration Pattern Overview
Dhanik Sahni
 
PDF
Salesforce crm projects
Advanz Knowledge Systems P Ltd
 
PDF
Marketing Cloud: Salesforce Marketing Cloud: die Customer Journey fängt hier ...
Salesforce Deutschland
 
PDF
Introduction to External Objects and the OData Connector
Salesforce Developers
 
PPTX
Lightning web components
Cloud Analogy
 
PDF
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Salesforce Developers
 
PDF
Automate All The Things with Flow
Salesforce Admins
 
PDF
Replicate Salesforce Data in Real Time with Change Data Capture
Salesforce Developers
 
PDF
Generically Call External Classes from Managed Packages
Salesforce Developers
 
PDF
Salesforce CI/CD - A strategy for success
Yassine ELQANDILI ☁
 
Enterprise Integration - Solution Patterns From the Field
Salesforce Developers
 
Introduction to Apex for Developers
Salesforce Developers
 
First Steps to Salesforce Release Management & DevOps [Salesforce User Group,...
Anna Loughnan Colquhoun
 
How to Use Salesforce Platform Events to Help With Salesforce Limits
Roy Gilad
 
Episode 10 - External Services in Salesforce
Jitendra Zaa
 
Integration using Salesforce Canvas
Dhanik Sahni
 
Getting started with Salesforce security
Salesforce Admins
 
Salesforce Traning Adm 201
plug2learn
 
Salesforce Online Training
Keylabs
 
Deep dive into Salesforce Connected App
Dhanik Sahni
 
Salesforce Integration Pattern Overview
Dhanik Sahni
 
Salesforce crm projects
Advanz Knowledge Systems P Ltd
 
Marketing Cloud: Salesforce Marketing Cloud: die Customer Journey fängt hier ...
Salesforce Deutschland
 
Introduction to External Objects and the OData Connector
Salesforce Developers
 
Lightning web components
Cloud Analogy
 
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Salesforce Developers
 
Automate All The Things with Flow
Salesforce Admins
 
Replicate Salesforce Data in Real Time with Change Data Capture
Salesforce Developers
 
Generically Call External Classes from Managed Packages
Salesforce Developers
 
Salesforce CI/CD - A strategy for success
Yassine ELQANDILI ☁
 
Ad

Similar to Deep dive into salesforce connected app part 1 (20)

PPTX
Deep dive into salesforce connected app part 4
Mohith Shrivastava
 
PDF
Alba Rivas - Building Slack Applications with Bolt.js.pdf
MarkPawlikowski2
 
PDF
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Vivek Chawla
 
PDF
Delivering powerful integrations without code using out-of-the-box Salesforce...
Cynoteck Technology Solutions Private Limited
 
PDF
Single Sign-On and User Provisioning with Salesforce Identity
Salesforce Developers
 
PDF
[Delivering Salesforce secure access to remote workforce
Anna Loughnan Colquhoun
 
PDF
Admin Best Practices: Remove Security Risk From Your Org with a User Audit
Salesforce Admins
 
PDF
Dreamforce Global Gathering
Sudipta Deb ☁
 
PDF
WT19: Platform Events Are for Admins Too!
Salesforce Admins
 
PDF
WT19: 5 Game-Changing Flow Solutions to Level Up Your Org
Salesforce Admins
 
PPTX
Introduction to lightning out df16
Mohith Shrivastava
 
PDF
Salesforce Stamford developer group - power of flows
Amol Dixit
 
PPTX
Summer 23 LWC Updates + Slack Apps.pptx
Kishore B T
 
PDF
Essential Habits for Salesforce Admins: Security
Salesforce Admins
 
PDF
Lightning User Interface Testing with Selenium and Node JS
Keir Bowden
 
PPTX
Manage and Release Changes Easily and Collaboratively with DevOps Center - Sa...
Amol Dixit
 
PPTX
Admin Best Practices: Explore the Power of Data with Tableau
Salesforce Admins
 
PPTX
Stamford developer group Experience Cloud
Amol Dixit
 
PPTX
Salesforce Sydney Trailblazer User Group Global Gathering Dreamforce ‘19 High...
Alek Gokiert
 
PPTX
Deep dive into salesforce connected app - part 2
Mohith Shrivastava
 
Deep dive into salesforce connected app part 4
Mohith Shrivastava
 
Alba Rivas - Building Slack Applications with Bolt.js.pdf
MarkPawlikowski2
 
Dreamforce 2019 Five Reasons Why CLI Plugins are a Salesforce Partners Secret...
Vivek Chawla
 
Delivering powerful integrations without code using out-of-the-box Salesforce...
Cynoteck Technology Solutions Private Limited
 
Single Sign-On and User Provisioning with Salesforce Identity
Salesforce Developers
 
[Delivering Salesforce secure access to remote workforce
Anna Loughnan Colquhoun
 
Admin Best Practices: Remove Security Risk From Your Org with a User Audit
Salesforce Admins
 
Dreamforce Global Gathering
Sudipta Deb ☁
 
WT19: Platform Events Are for Admins Too!
Salesforce Admins
 
WT19: 5 Game-Changing Flow Solutions to Level Up Your Org
Salesforce Admins
 
Introduction to lightning out df16
Mohith Shrivastava
 
Salesforce Stamford developer group - power of flows
Amol Dixit
 
Summer 23 LWC Updates + Slack Apps.pptx
Kishore B T
 
Essential Habits for Salesforce Admins: Security
Salesforce Admins
 
Lightning User Interface Testing with Selenium and Node JS
Keir Bowden
 
Manage and Release Changes Easily and Collaboratively with DevOps Center - Sa...
Amol Dixit
 
Admin Best Practices: Explore the Power of Data with Tableau
Salesforce Admins
 
Stamford developer group Experience Cloud
Amol Dixit
 
Salesforce Sydney Trailblazer User Group Global Gathering Dreamforce ‘19 High...
Alek Gokiert
 
Deep dive into salesforce connected app - part 2
Mohith Shrivastava
 
Ad

More from Mohith Shrivastava (20)

PDF
Best Practices with Apex in 2022.pdf
Mohith Shrivastava
 
PPTX
Successfully retrieving metadata from salesforce org using packages
Mohith Shrivastava
 
PPTX
Successfully creating unlocked package
Mohith Shrivastava
 
PPTX
Implementing Einstein OCR
Mohith Shrivastava
 
PPTX
Enhance salesforce application performance using lightning platform cache
Mohith Shrivastava
 
PPTX
Become a rockstar admin
Mohith Shrivastava
 
PPTX
Build your own dev tools with salesforce cli plugin generator
Mohith Shrivastava
 
PPTX
Modular application development using unlocked packages
Mohith Shrivastava
 
PPTX
Introduction to lightning Web Component
Mohith Shrivastava
 
PPTX
Building Apps On Lightning
Mohith Shrivastava
 
PPTX
Modular Salesforce Application Development Using DX
Mohith Shrivastava
 
PPTX
Spring18 Lightning Component Updates
Mohith Shrivastava
 
PPTX
Introduction To Service Cloud Snapins SDK
Mohith Shrivastava
 
PPTX
Introduction to einstein analytics sdk for lightning
Mohith Shrivastava
 
PPTX
Machine learning with salesforce data using prediction io
Mohith Shrivastava
 
PPTX
Debugging lightning components-SEDreamin17
Mohith Shrivastava
 
PPTX
Introduction to Analytics Cloud
Mohith Shrivastava
 
PPTX
Debugging lightning components
Mohith Shrivastava
 
PPTX
Introduction to lightning components
Mohith Shrivastava
 
PPTX
Lighnting component development
Mohith Shrivastava
 
Best Practices with Apex in 2022.pdf
Mohith Shrivastava
 
Successfully retrieving metadata from salesforce org using packages
Mohith Shrivastava
 
Successfully creating unlocked package
Mohith Shrivastava
 
Implementing Einstein OCR
Mohith Shrivastava
 
Enhance salesforce application performance using lightning platform cache
Mohith Shrivastava
 
Become a rockstar admin
Mohith Shrivastava
 
Build your own dev tools with salesforce cli plugin generator
Mohith Shrivastava
 
Modular application development using unlocked packages
Mohith Shrivastava
 
Introduction to lightning Web Component
Mohith Shrivastava
 
Building Apps On Lightning
Mohith Shrivastava
 
Modular Salesforce Application Development Using DX
Mohith Shrivastava
 
Spring18 Lightning Component Updates
Mohith Shrivastava
 
Introduction To Service Cloud Snapins SDK
Mohith Shrivastava
 
Introduction to einstein analytics sdk for lightning
Mohith Shrivastava
 
Machine learning with salesforce data using prediction io
Mohith Shrivastava
 
Debugging lightning components-SEDreamin17
Mohith Shrivastava
 
Introduction to Analytics Cloud
Mohith Shrivastava
 
Debugging lightning components
Mohith Shrivastava
 
Introduction to lightning components
Mohith Shrivastava
 
Lighnting component development
Mohith Shrivastava
 

Recently uploaded (20)

PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Encapsulation theory and applications.pdf
gurumoop
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 

Deep dive into salesforce connected app part 1

  • 1. Deep Dive into Salesforce Connected App - Part 1 @msrivastav13 | mohith.shrivastava@salesforce.com Mohith Shrivastava, Lead Developer Evangelist
  • 2. Forward-Looking Statement Statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, the one-time accounting non-cash charge that was incurred in connection with the Salesforce.org combination; stock- based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth and sustainability goals. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements we make. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with new data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within the company's strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies, including delays related to the integration of Tableau due to regulatory review by the United Kingdom Competition and Markets Authority; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility, term loan and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at www.salesforce.com/investor. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.
  • 3. Agenda ● What is a Connected App? ● Authentication vs Authorization ● Single Sign-On(SSO) , SAML 2.0 ● Connected App Use Cases ● Demo ● Connected App Developers vs Connected App Admins ● Access Data with API Integrations ● Key Considerations when deploying Connected Apps ● References
  • 4. A connected app is a framework that enables an external application to integrate with Salesforce using APIs and standard protocols, such as Security Assertion Markup Language (SAML), OAuth, and OpenID Connect. ● For example, when you log in to your Salesforce mobile app and see your data from your Salesforce org, you’re using a connected app. ● Salesforce CLI leverages connected app when you connect your CLI to the Salesforce ● Salesforce Workbench leverages connected app to authenticate and authorize to Salesforce What is a Connected App?
  • 5. Authentication ● A user provides an identifier to signify the account they wish to access and enters login credential for the account. ● Credentials provided by the user are validated against credentials previously registered during user provisioning. Authentication vs Authorization Authorization ● When a user account is created in salesforce, it is often necessary to specify what the account can do and the privilege it has. ● Example account can access data via web, Access and Manage your data
  • 6. OAuth 2.0 ● It is a protocol that provides authorization solution. ● Enables an app to call an api on its own behalf or users behalf and the call is constrained to the scope of an authorized request. ● Salesforce also adds authentication elements.
  • 7. 1. You open the Salesforce mobile app. 2. An authentication prompt displays, in which you enter your username and password. 3. The Salesforce mobile app sends your credentials to Salesforce and initiates the OAuth authorization flow. 4. Salesforce sends the mobile app access and refresh tokens as confirmation of a successful validation of the user and the mobile app. 5. You approve the request to grant access to the Salesforce mobile app. 6. The Salesforce mobile app starts. OAuth 2.0
  • 8. SSO and SAML 2.0 SSO ● Single Sign-on (SSO) is the ability to log in once and then access additional protected resources or application with the same authentication requirements, without requiring one to re enter credentials ● Identity Provider - A trusted service that enables users to access other external applications without logging in again. ● Service Provider - A service that accepts identity on behalf of the external application from an identity provider. SAML 2.0 ● SAML is an XML-based framework for exchanging security information between business partners ● SAML enables apps to delegate authentication to Identify Provider. ● Identify provider authenticates and returns an assertion with details of user and the authentication event
  • 9. ● Access Data with API Integration ● Integrate other Service Providers within your Salesforce org ● Manage Access to third party apps ● Provide Authorization For External API Gateways Connected App Use Cases
  • 11. Connected App Developer vs Admin Connected App Developer ● A connected app developer is a Salesforce developer or ISV who builds API integrations or external apps that can access Salesforce data as a connected app. ● As a developer, you can build a connected app for your org, but other Salesforce orgs can install and use it too. Connected App Admin ● Install, Uninstall, Block connected apps from the Salesforce org. ● Explicitly defining who can use the connected apps and where they can access the apps from. ● Add Permissions and Profiles and IP Relaxation
  • 12. ● Deploying Connected apps metadata You cannot set the consumerKey in Metadata API. It is included in a retrieve operation for informational purposes. If you try to move the connected app to another org, you must remove the consumerKey from the .zip file before the deployment to an org. A new key will be generated in the destination org. Mobile settings of connected apps are not supported in change sets and must be manually migrated. You cannot add Connected App metadata to Unmanaged Package or Unlocked Package Key Considerations when deploying connected apps
  • 13. Connected Apps https://help.salesforce.com/articleView?id=connected_app_overview.htm&type=5 Authorize Apps with OAuth https://help.salesforce.com/articleView?id=remoteaccess_authenticate.htm&type=5 Connected Apps Basics Trailhead Module https://trailhead.salesforce.com/en/content/learn/modules/connected-app-basics Creating a Connected App Unit https://trailhead.salesforce.com/en/content/learn/projects/build-a-connected-app-for-api-integration/create-a- connected-app References