Delegated Authentication (HTTP)

Delegated Authentication (HTTP) SSO Flow
  • Enables authentication to Salesforce without prompting for credentials
  • Application must manage or be able to acquire the token, assertion or password
  • A token or assertion is preferable to avoid sending corporate passwords to or from Salesforce
  • If a token or assertion is used, this should be set as the password in the POST to the Salesforce login page
Walkthrough and Additional Considerations (Apex Hours)

This Flow in Context
Diagram showing flow in context