Enable O-Auth and API (Enable OAuth Settings)- Access Points+ Policies.
· Available O-Auth Scopes- https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_flows.htm&language=en_US&type=5
· Primary and recommended one is full access.
· Below are the pre-selected sections for O-Auth:
o Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows.
o Require Secret for Web Server Flow.
o Require Secret for Refresh Token Flow.
o Issue JSON Web Token (JWT)-based access tokens for named users- this is not necessary, but it is advised to check this.
· O-Auth recommended flow: o OAuth Endpoints (http://salesforce.com )
Establish Connection using Oauth-
Changes required on Connected App before establishing a Connection using Oauth method:
Enable the client credentials flow using the following steps: 1. Create your connected app, and complete its basic information. 2. Configure the necessary OAuth settings for the connected app.
Enable the client credentials flow for your connected app.
From Setup, in the Quick Find box, enter Apps, and then select App Manager.
Find your connected app, click, and then select Edit.
Under API (Enable OAuth Settings), select Enable Client Credentials Flow.
When you understand the security risks, accept the warning.
Save your changes.
Select an execution u
Note: Although there’s no user interaction in the client credentials flow, Salesforce still requires you to specify an execution user. By selecting an execution user, you allow Salesforce to return access tokens on behalf of this user.
NOTE Permitted Users policies, such as All users may self-authorize and Admin approved users are pre-authorized, don’t apply to the execution user.
From the connected app detail page, click Manage.
Click Edit Policies.
Under Client Credentials Flow, for Run As, click on search, and find the user that you want to assign the client credentials flow. For Enterprise Edition orgs, we recommend that you select an execution user who has the API Only User permission.
Save your changes.