This blog will act as a reference for creating an OAuth web application for Salesforce to interact with the REST API. We have done the grunt work and have listed out just the resources you need to integrate.

This post is not an in-depth tutorial on how to build OAuth apps in general, some prior knowledge of how OAuth apps work is required.

Signup for a Salesforce Developer Account

Head on over to https://developer.salesforce.com/signup to sign up for a Salesforce Developer Edition account.

Salesforce Developer Edition Signup

Create a new Connected App

This is an OAuth app you will use to get the credentials for users and call the REST API endpoints

1. Search for "App Manager" in the search box on top of the screen.

Search for App Manager

2. Click "New Connected App" button on the top right corner of the screen

Create new Connected App

3. Punch in the basic information of the app

New Connected App Basic Information

4. In the API (Enable OAuth Settings) section, check Enable OAuth Settings. Fill in the callback URL, and make sure to select Manage user data via APIs (api)  and Perform requests at any time (refresh_token, offline_access) OAuth Scope s along with other scopes required by your app.

OAuth Settings for the Connected App

⚠️ If you are using Truto as your integrations provider, please uncheck the PKCE checkbox.

5. On the App's detail page, click Manage Consumer Details button, it will open a new tab and ask for an OTP sent to your email.

Button to view Client ID and Client Secret

6. After entering the OTP, you will see your Consumer Key (Client ID) and Consumer Secret (Client Secret) on the screen. Make a note of them.

Client ID and Secret

OAuth flow (Generating access tokens)

Once you have the Consumer Key and Consumer Secret, the OAuth flow Salesforce follows is pretty straightforward.

You can find all the OAuth Endpoints here. Use any OAuth client of your choice to initiate the OAuth flow.

Once you have the access_token, you can use Bearer authentication with the Salesforce REST API.

Connected apps are available for all Salesforce instances

As Aleksandar Kovačević pointed out on Reddit –

One important thing that is not obvious the first time you do this is that the connected app you create in the developer org can be used to authenticate users to ANY salesforce instance. Meaning that users on specific instances don’t need to create the connected app manually to authenticate over the REST API, Salesforce handles that automatically.

Your customers do NOT need to go through this whole process. All they need to do is allow access to your app in the OAuth Consent screen that shows up.

Following these steps will put you on the right path to integrating Salesforce CRM.

Are you looking to natively integrate with all leading CRMs such as HubSpot, Close, Pipedrive, Copper, and Microsoft Dynamics Sales 365? Use Truto.one for free. It’s built for developers by developers to natively integrate all CRMs in one go.

If you have any questions or run into a roadblock, feel free to reach out to us at [email protected], we’ll be happy to help.