[SalesForce] OAuth2 Connected Apps getting ClientID and Secret

I've got OAuth2 working in a small project using JSForce(fantastic library). I can authenticate and all seems to work fine. The problem is, how does this work on a large scale? The app I am planning will be hosted on node.js on Heroku.

Using JSForce, you have to hardcode in the clientID and secret.

var jsforce = require('jsforce');

// OAuth2 client information can be shared with multiple connections.
var oauth2 = new sf.OAuth2({
  // you can change loginUrl to connect to sandbox or prerelease env.
  // loginUrl : 'https://test.salesforce.com',
  clientId : '<your Salesforce OAuth2 client ID is here>',
  clientSecret : '<your Salesforce OAuth2 client secret is here>',
  redirectUri : '<callback URI is here>'

If I plan on deploying an app that can work from the app exchange, how do you go about getting the clientID and secret into the app that is hosted on Heroku? Would I need another step prior to the actual OAuth2 flow that sends these over to my Heroku app?

I assume that since these values are hardcoded, you can't simply use the same ones for multiple orgs.

Best Answer

Oauth works for all the orgs .

Once you have client Id and client secret ,your org with connected app can connect to any of other salesforce instances .

It need not be specific to your org .Almost all apps run on the same principal .Its common misconception that it is org specific .

Related Topic