Home SalesforceApex Accessing External Credential Parameters of Named Credential in Salesforce Apex

Accessing External Credential Parameters of Named Credential in Salesforce Apex

by Dhanik Lal Sahni
External Credential Parameters - SalesforceCodex

Named and External Credential are critical tools for secure data connectivity within Salesforce. Named Credentials serve as a pointer to an external endpoint, enabling the platform to securely authenticate and access resources without disclosing sensitive information such as passwords.

External Credentials, conversely, remove the authentication details from the integration code, improving security by separating sensitive data from the codebase. These credentials can be used within Named Credentials to authenticate to external systems, providing a more centralised and secure method for authentication management in integrations.

In this post, we will see how to add authentication parameters in external credentials and access those parameters in Salesforce Apex Code. I have integrated Salesforce to access tokens. You can use this based on your business requirements.

Let us see step-by-step approach to using external credential parameters in code.

  1. Create a Salesforce Connect App
  2. Create Named and External Credential
  3. Create Apex code to use External Credential Parameters

1. Create a Salesforce Connect App

Create a connected app in Salesforce. Follow steps 1-3 from post Generate Salesforce Authentication Token using Postman to create a connected app.

2. Create Named and External Credential

External Credentials are used to store reusable authentication information for external systems. As we need to generate an access token for Salesforce, we need the below parameters,

client_idPut the Consumer Key value from the connected app created from the above step.
client_secretPut the Consumer Secret value from the connected app created from the above step.
usernameSalesforce username that will be used to authenticate
passwordSalesforce username password + security token for the user.
grant_typepassword (hardcoded)

Let us add these parameters to the external credential. Create an external credential Salesforce Login EC that will use a custom authentication protocol.

External Credential - SalesforceCodex
External Credential in Salesforce

Create a Named Principal

A named principal applies authentication configuration to the named credential. We can use the same credential or authentication configuration for the entire org or we can use a per-user authentication configuration.

Let us create a named principal with the above-mentioned authentication parameters. Parameters added in the named principal are secure and its values are not visible to the user. Create a named credential SFLoginPrincipal.

Add all four types mentioned above in the named principal. In the below image, password and client_secret parameters are added. Add username and client_id as well.

Named Principal in Salesforce

Create a Named Credential

Create a named credential with the name Salesforce Login NC (SalesforceLoginNC) and the below properties.

URLhttps://login.salesforce.com/services/oauth2/token
Allow Calloutchecked
External CredentialAbove created External Credential Salesforce Login EC
Generate Authorization HeaderChecked
Allow Formulas in HTTP HeaderChecked
Allow Formulas in HTTP Body
Help
Checked
Named Credential in Salesforce

Create Permission Set

Create a permission set to provide user access. Create a permission set Salesforce Login PS and assign the above created external credential Salesforce Login EC in External Credential Principal Access. Once a permission set is created, assign this permission set to the required user. For this POC, I have added a permission set to myself.

3. Create Apex code to use External Credential Parameters

We have set up named and external credentials. Let us see how we can use the external credential parameters in Apex. To access external credential parameters, we have to access parameters like below

{!$Credential.<External Credential Name>.<Property Name>}. 
//Access client_id parameter
{!$Credential.SalesforceLoginEC.client_id}

Let us use above-created parameters to get the Salesforce Access token using the apex class.

4. Test Functionality

Let us test above created class by executing the command in the Developer Console.

//SalesforceLoginNC is Named credential name
system.debug(JSON.serializePretty(AccessTokenGenerator.generateToken('SalesforceLoginNC')));

It will return token data as below

Salesforce Access Token - SalesforceCodex
Salesforce Access Token Generation

References

Generate Salesforce Authentication Token using Postman

Create a secure Salesforce API user

Manage Access to a Connected App

Related Posts

Configurable Record Picker in Lightning Web Component

Displaying Tabular Data with GraphQL in Lightning Web Component

Dynamically Instantiate Components in LWC

Seamless YouTube Video API Integration in Salesforce

GraphQL Query Generator in Salesforce Apex

Capture Images in Salesforce using Mobile App

Need Help?

Need some kind of help in implementing this feature, connect on my LinkedIn profile Dhanik Lal Sahni.

You may also like

Leave a Comment