Usually I provide partner wsdl to external system to connect with my Salesforce Org. Externla system call the SOAP API login() and get the session id.
I am trying to implement Oauth as the authentication mechanism and
I looked at – https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_understanding_username_password_oauth_flow.htm
I see the external system has to hit the endpoint – https://login.salesforce.com/services/oauth2/token , and passing the following, I will be providing them these details :
- grant_type
- client_id
- client_secret
- username
- password
Obviously the external system has to store all the above values in their application. I read about below paragraph from OAuth article – https://developer.salesforce.com/page/Using_OAuth_to_Authorize_External_Applications where it says OAuth will be a secure way of connection because only access token is used and credential are not stored anywhere.
Why Should I Use OAuth? For your end users the major benefit of OAuth
is security. If an external website's datastore is hacked and all of
their passwords are compromised, the hackers have full access to
sensitive user info. Instead of a user's credentials scattered around
various sites on the Internet, using OAuth the user simply issues
access tokens to individual websites that need access to their data.
If a site's access token and consumer secret are compromised, then the
user or provider can revoke them. In most provider cases a request
authorized with an access token is not authorized to update specific
aspects of the user's account, such as the password or email. With
Force.com, access to data is restricted by the user's profile and its
settings. Users can easily revoke a consumer application's access to
their data by revoking the token from their Personal Information page
under Personal Setup. For developers, OAuth makes life much simpler.
Gone are the days where you have to store your username, password and
security token in your application code or create bespoke login
schemes. Both of these methods are fraught with danger and cause
developers to lose sleep – if your application's security is
compromised or your code is decompiled, then every affected user must
be notified of the security breach and have their password reset. Not
only is this embarrassing but a security breach could lead to legal
actions. If your credentials are coded into multiple applications and
you happen to change your user's password, then you must undertake the
tedious task of updating each application with the new credentials.
Nothing is better on a rainy day than chasing down applications that
now have wrong credentials.
I feel that external system has to store the username and password somewhere and it can be compromised in this case. How does OAuth makes it secure? May be I have not understood it correct. If So, please shed some light on this topic.
Update:
There is no user interface involved in this connection and it is two system connecting with each other. SO there won't be any option to enter the userid and password by someone.
Best Answer
Have you read this: https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com - best article on oAuth out there IMHO.
It discusses all available options. If not listed there then it will not be possible.
Now, if you do not have a way in the external system to have a user authenticate, you could build a visual force page for a user to authenticate and then grab the token. You could then provide the access and refresh token to the external system.
You would need to create a connected app and provide those details to the external system as well...
Doing this will allow the user to be able to revoke the token as needed and negate the need for the external system to store a password. Of course this assumes that the external system has properly implemented oAuth