Posts

Showing posts with the label Integration

OAuth 2.0 JWT Bearer Flow for Server-to-Server Integration

Image
In a server-to-server integration, there is no need for an user to interactively log in to provide authorization.  In this case OAuth 2.0 JSON Web Token (JWT) bearer flow can provide the authorization. Communities support all available authentication flows, except for the username-password OAuth authentication flow and the SAML assertion flow ( https://help.salesforce.com/articleView?id=networks_auth_configure_oauth.htm&type=0 ) Hence , we can use a flow like web server or user agent flow or use JWT flow. ( https://help.salesforce.com/articleView?id=remoteaccess_oauth_jwt_flow.htm&type=0 ) When we talk about JSON Web Token, it is consist of 3 parts Headers –  Which contains the algorithm which will be used to sign the request Payload –  The actual data and information about the users Signature –  Signature consists of 3 parts and the structure is given below.   Payload consist of 4 parts issuer "iss", this is the consumer key for your connected app audi...