When we want to send data from Salesforce to an external system like a Google API or a payment system, we need to provide authentication details (username, password, or access token). If we write these details directly in Apex code, it is not secure and difficult to maintain.
To solve this, we set up External Credentials in Salesforce. It stores the external system URL and authentication details securely. Then, whenever Apex, Flow, or Integration needs to connect with that system, it just uses the Named Credential.
In this article, we will learn how to create external credentials in Salesforce, allowing us to securely connect Salesforce with external systems without providing sensitive information in Apex code.
External Credentials in Salesforce
The external credentials in Salesforce refer to the verification information used to establish the connection between the external system and Salesforce. These types of credentials are used to validate resources or execute actions in an external system.
This type of external credential is used in the integration scheme, where Salesforce requires an interface with an external system, such as web services, databases, and other applications.
For example, when a new lead is created, we want to verify if the email provided is real and active before assigning it to the sales team. Instead of using Apex code, I used an HTTP callout in the flow to send the email address to an external email validation API.
Create External Credential in Salesforce
Below, I will explain how to create the external credential to define the authentication method, such as API key, username-password, or OAuth, that Salesforce will use to connect with the external system.
To create the credentials in Salesforce, click on the Setup. -> Home Page. -> In the Quick Find Box, Search for Named Credentials. You will see an option under Security. -> Click on it.
There, you need to click the “External Credential” option and then click the “New” button to create external credentials.
When creating an external credential, first enter a Label, such as an email validation credential. The Name field will be automatically populated based on the label you provide.
After that, select the Authentication Protocol, which defines the method Salesforce will use to connect with the external system (for example, api key, username-password, OAuth, or custom).
Then click the Save button.
Then we need to create the principal in the external credential to define who is making the callout to the external system. Here, I provided the parameter name as Email Validation Principle.
A Principal defines who or what can use the External Credential. It links the external credential to a user, permission set, or integration, so Salesforce knows which user or process can access the external system.
In this way, we can create the external credentials in Salesforce.
Where do we use External Credentials in Salesforce?
We use external credentials when creating a named credential to connect Salesforce with an external system securely. When creating the named credential, we need to authenticate it.
For authentication, in the External Credential field, select the External Credential we created. This links the Named Credential to the authentication details stored in Salesforce.
Create a Permission Set for the User in Salesforce
Initially, the user doesn’t have external credential principal access, so we need to create the permission set and assign it to the user.
A Permission Set in Salesforce is used to grant access to users, allowing them to use External Credentials or Named Credentials.
When you create an External Credential, you define how Salesforce will connect to an external system. But Salesforce needs to know which users or processes are allowed to use it.
Conclusion
I hope you have got an idea of how to create an External Credential in Salesforce. I have also explained how it works with a Named Credential and Permission Set.
You may like to read:
- Transform Element in Salesforce Flow
- Use HTTP Callout In Salesforce Flow
- Grant Login Access to Support in Salesforce
- Reset a User Password in Salesforce
I am Bijay Kumar, the founder of SalesforceFAQs.com. Having over 10 years of experience working in salesforce technologies for clients across the world (Canada, Australia, United States, United Kingdom, New Zealand, etc.). I am a certified salesforce administrator and expert with experience in developing salesforce applications and projects. My goal is to make it easy for people to learn and use salesforce technologies by providing simple and easy-to-understand solutions. Check out the complete profile on About us.
