- Enables authentication to Salesforce without prompting for credentials
- Application must manage or be able to acquire the token, assertion or password
- A token or assertion is preferable to avoid sending corporate passwords to or from Salesforce
- If a token or assertion is used, this should be set as the password in the POST to the Salesforce login page
This Flow in Context
