Salesforce has various integration and Apex utilities that app developers can use in integrating to external web services using callouts. This post will help users understand what named credentials are and teach them steps on how to create one.
What is a Named Credential?
A named credential is a configuration feature that takes the burden out of most authentication processes. They’re used to let Salesforce handle some or most authentications within the org or with other Salesforce orgs. Named credentials are used to store various callout configurations, including the following:
- Callout certificates
- Settings for authentication
- Authentication protocol, if it’s required or needed
- HTTP endpoints
Benefits of Named Credentials
Here are some benefits of using named credentials in Salesforce:
- Using named credentials takes most of the work done by the Remote Site Setting configuration. Callouts to external sites often require remote site setting, but if a user places a named credential as a callout endpoint, the configuration part can be skipped. As a result, Salesforce handles all authentication itself.
- Writing codes for authenticating with custom settings or custom meta data is eliminated when named credentials are defined.
- They also make callouts easy to maintain. Named credentials separate the URL from the authentication, making it easier to make changes to both the endpoint URL and authentication if needed.
Setting Up a Named Credential
- Navigate to the Setup screen.
- Enter Named Credentials in the Quick Find Box.
- Named Credentials will appear. Click on it to launch the New Named Credential dialog box.
- Enter the information called for in the following fields:
- Label (displayed in the Salesforce interface)
- Name (unique API name/identifier)
- URL – This is the root URL of the callout endpoint. It starts with http:// or https://
- Determine the settings for the authentication part:
- Certificate – This will be used for authenticating in 2-way SSL authentications.
- Identity Type – Lets the admin grant or remove user access. Separate credentials per user must be defined if the external system is accessed through callouts.
- Authentication Protocol – Set to either OAuth 2.0 or Password authentication.
- Lastly, define the callout options by ticking on the desired choices. Options include the following:
- Generate Authentication Header
- Allow Merge Fields in HTTP Header
- Allow Merge Fields in HTTP Body.
- Once done, save everything. The new named credential is now created.