External Services: Authentication and Named Credentials

/ ForcePanda

Named credentials are AMAZING! And the good thing is you can use Named Credentials in both External Services and Apex to make successful callouts.

But wait, what is authentication? What are Named Credentials? What are we talking about here? Well, let’s start with authentication.

Quick note: If you’re not familiar with APIs and web callouts, please check the 2 short videos linked in one of my previous article.

Authentication

Authentication(not to be confused with Authorization), in simple terms, is the process of verifying the identity for the user who is trying(or will) to access the API. The process of authentication is not just restricted to Salesforce but applies to almost every other integration.

Authentication in itself is a huge topic which requires a fail amount of time if you want to understand it thoroughly. I’ll keep it light here and drop some resources at the end.

Named Credentials

Named Credential is basically a place where you store some sensitive data that helps you authenticate with the external system. When creating a Named Credential, you will have to choose one of the listed authentication protocols based on what is supported by the external system. To figure out what authentication protocol is being follow in the external system, you will have to refer to the authentication part API document(generally well documented) available for that external system.

  • Some APIs do not require authentication, mostly the open APIs and some APIs(like YouTube Data API) use ‘API key’ to authenticate the requests. For such APIs, you can simply select ‘No Authentication’ as the authentication protocol.
  • Some APIs use Username and Password(like Twilio). For these, you can simply choose ‘Password Authentication’ as auth protocol and enter the username and password.
  • Most of the APIs around web nowadays, use OAuth 2.0, a very well known and widely accepted authorization framework across the web. To set up Named Cred for this, you’ll need to understand how OAuth 2.0 works.

Similarly, there are other auth protocols like JWT, JWT Token Exchange and AWS Signature Version 4(specific for AWS web services) that you’ll find in the ‘Authentication Protocol’ picklist of Named Creds that are used by external APIs for authorization and authentication.

That’s it for this part. In the next part, I’ll discuss how we can set up Named Credentials for APIs that use OAuth 2.0.

Hope this was an interesting read for you! Catch you in the next one! ✌
And thank you for being an awesome reader! Subscribe to this blog for receiving all the latest updates straight to your inbox. 🙂

3 thoughts on “External Services: Authentication and Named Credentials

  1. Pingback: External Services: Set up Named Credentials for OAuth 2.0 |  forcePanda

  2. Pingback: From Narender Singh: External Services – Authentication and Named Credentials – UnofficialSF

  3. Pingback: Low Code Integration: Google Cloud Vision API & Salesforce via External Services |  forcePanda

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.