csr is cert signing request using which you request the actual cert (crt) file from a CA (cert authority). You mentioned even csr also as certificate which is incorrect but overall a super good explanation of material
Great explanation could you please let me know if I want to get information of second org Salesforce then I need to create connected app in second org and named credentials on first org?
It is very helpful and nicely demonstrated. Can you add another video about how to add additional custom claims in JWT authentication in the connected app side?
This is the best video I found explaining JWT in detail within Salesforce. But I have a question. Why not generate a self-signed certificate within Salesforce instead of importing it from Java Keystore. Isn't it basically the same thing. With the button 'Self-signed certificate' you bypass all the hassle of creating a certificate and then converting to JKS format. Also I am wondering if you import from Java keystore its only the certificate, but what about the private key. Doesn't Salesforce need private key to create jwt in auth header.
While importing .jks file I am getting following error "The data you were trying to access could not be found. It may be due to another user deleting the data or a system error. If you know the data is not deleted but cannot access it, please look at our support page".
Hi Debarun Sengputa You absolutely nailed it (y) great job.. I have a question can we use JWT to integrate with third party (API Gateway) to Salesforce?
Hi have a question regarding the release update that is related to oauth "Enforce OAuth Scope for Lightning Apps". This release update says that this update enforce the scope of an Oauth token used to authenticate a Lightning app.This change prevent a Lightning app from using Oauth token with unintended permission. I am confused with this release update about the unintended permission. What does it mean???
Brilliant tutorial just shy of perfection because you forgot to show us one very crucial step due to which it took me hours to figure out why I was getting error. For someone who directly jumps to JWT authorization flow, you should mention how to perform prior approval of client app. Otherwise we'll get an error in Post request "user hasn't approved this consumer".
How can we use this procedure for post requests? On attempting, the request body was showing as null in the destination environment where the request was sent
Can you create a video to Use External Data Source With Auth Provider sending Azure JWT token in Header for another server to get data .This would be a great help.
This video is really helpful. Thanks for the content. But I'm facing error while converting pem file to jks file in the 3rd cmd "keytool -keystore //servercert.jks -changealias -alias 1 -destalias salesforcetest" Error I'm facing: Illegal option: - Please help me on this.Thanks.
I am getting Error in "Oauth JWT Bearer token flow walkthrough with postman" can someone help me? grant_type = urn:ietf:params:oauth:grant-type:jwt-bearer here is the error: { "error": "invalid_grant", "error_description": "expired authorization code" }
Please guide me, i am getting following error..when i run from postman then it is working fine but if from any other domain it is giving following error Access to fetch at '@t from origin 'www.mywebsite.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status. I have already added the domain into CORS setting in salesforce.
NO ONE HAS DONE A BETTER JOB OF EXPLAINING THIS THAN YOU. THANK YOU SO MUCH. YOU HAVE UNMYSTIFIED THIS FOR ME.................
Glad it helped you
This is one of the best session for JWT found for SF. Very well and point to point explained. Very well done Debarun. Thanks for this session.
Glad it was helpful!
Very helpful, so much informative. No one has explained better then Debarun Sengupta.
Glad it was helpful!
No explanation can be better than this, the presentation has one of the best brevity.
Thanks for making this video. Great work & keep it up.
Glad it helped!
The explanation was seamless and so easy to understand!!! Great job.
Glad it was helpful!
Very informative, E2E, I had tough times understanding named credentials, certifications, JWT related concepts, this cleared all. thanks a lot.
Excellent explanation with execution, it's worked
Thanks for the Video
Glad it helped
Wonderfully explained. Thanks for taking time to put this video
Glad you liked it
Incredibly well explained demo. Great work!
Thanks
Very nicely explained. This information is pure gold!!
Glad you think so!
csr is cert signing request using which you request the actual cert (crt) file from a CA (cert authority). You mentioned even csr also as certificate which is incorrect but overall a super good explanation of material
Thank you! This material was utterly perfect!
You're very welcome!
This is the best tutorial video I have ever seen. You absolutely nailed it.🙏
Glad it was helpful!
Debarun Sengupta you explain every concepts in detail and that too really well.
Please do more sessions like this.Thank you so much.
Glad that you liked it.
Glad that you liked it.
Excellent quality. Very well explained
Very well explained and very informative.
Glad it was helpful!
A very good video. I recommend this!
Glad you enjoyed it!
Awesome session. Very easy to understand
Glad to hear that
Nice explanation. And your work to host interesting developer sessions is awesome. Thanks for that.
Thanks
well-structured video, good job
Keep watching
Thank you so much for this, you literally saved my job with this
Glad I could help!
Thank you. Excellent post on this topic.
Glad you enjoyed it!
Great explanation! -Thank you so much.
Glad it was helpful!
Exactly what I was looking for. Thanks a lot!
Great to hear!
Great explanation, it helped me a lot. Thank you!
Glad it helped! Stay connected we are coming with all oAuth Flow soon in FEB
nice explanation with demo, AS i am looking for JWT implementation reference. thanks to Apexhours and team
Glad it was helpful!
Nicely Explained. Thanks!
Glad it was helpful! Please like and share
Thanks for this helpful session!
Glad it was helpful! Keep watching
Wonderful Session!!
Thank you kindly
Great video! Helped me with my poc :)
Glad it helped!
Awesome explanation
Glad you liked it
Excellent Explanation
Glad it was helpful!
Thank you so much.
well explained.
Thanks Keep watching
Great explanation could you please let me know if I want to get information of second org Salesforce then I need to create connected app in second org and named credentials on first org?
We will create one session on same topic soon
Nice Video !!!
Thanks for the visit
It is very helpful and nicely demonstrated. Can you add another video about how to add additional custom claims in JWT authentication in the connected app side?
Great suggestion!
Great explanation. Very useful video. Is the access token different from Session Id or both are same?
access token is used to access the application
This is the best video I found explaining JWT in detail within Salesforce. But I have a question. Why not generate a self-signed certificate within Salesforce instead of importing it from Java Keystore. Isn't it basically the same thing. With the button 'Self-signed certificate' you bypass all the hassle of creating a certificate and then converting to JKS format. Also I am wondering if you import from Java keystore its only the certificate, but what about the private key. Doesn't Salesforce need private key to create jwt in auth header.
JWT needs x509 certificate. Hence CLI was used to convert the file format to jks to import into salesforce
Thanks for helping Debarun
While importing .jks file I am getting following error "The data you were trying to access could not be found. It may be due to another user deleting the data or a system error. If you know the data is not deleted but cannot access it, please look at our support page".
How many times the "Nothing but" is used in this video?
Can we have a video/session on different grant types flows as well? Is there anyways we can put questions to Apex Hours team?
Coming Soon. Keep posted your question
I need to use this flow to verify guest user from the community site from only one org..does it work?
Hi Debarun Sengputa You absolutely nailed it (y) great job.. I have a question can we use JWT to integrate with third party (API Gateway) to Salesforce?
Thanks
Yes possible for server to server use case...i have seen it in apigee gateway
Thank you @debarun sengupta
Hi have a question regarding the release update that is related to oauth "Enforce OAuth Scope for Lightning Apps". This release update says that this update enforce the scope of an Oauth token used to authenticate a Lightning app.This change prevent a Lightning app from using Oauth token with unintended permission. I am confused with this release update about the unintended permission. What does it mean???
Brilliant tutorial just shy of perfection because you forgot to show us one very crucial step due to which it took me hours to figure out why I was getting error. For someone who directly jumps to JWT authorization flow, you should mention how to perform prior approval of client app. Otherwise we'll get an error in Post request "user hasn't approved this consumer".
Thanks for feedback
Thank you so much its very useful video. I have a question can we integrate Pardot using JWT Bearer token flow?
Glad you like. Not sure about pardot
How can we use this procedure for post requests? On attempting, the request body was showing as null in the destination environment where the request was sent
How will I get the Slides presented here ?
check here www.apexhours.com/oauth-authorization-flows-in-salesforce/
I am not able to get the references slide.
Can you please share the link
Check apex hours blog post for same
Why we don't use client secret for Authorization?
Can you create a video to Use External Data Source With Auth Provider sending Azure JWT token in Header for another server to get data .This would be a great help.
Soon
you have done it in a way that it is extremely difficult to understand, for one who is trying to learn.
This video is really helpful. Thanks for the content.
But I'm facing error while converting pem file to jks file in the 3rd cmd "keytool -keystore //servercert.jks -changealias -alias 1 -destalias salesforcetest"
Error I'm facing: Illegal option: -
Please help me on this.Thanks.
You must have Jre installed in your computer to run keytool commands
I am getting Error in "Oauth JWT Bearer token flow walkthrough with postman" can someone help me?
grant_type = urn:ietf:params:oauth:grant-type:jwt-bearer
here is the error:
{
"error": "invalid_grant",
"error_description": "expired authorization code"
}
Please guide me, i am getting following error..when i run from postman then it is working fine but if from any other domain it is giving following error
Access to fetch at '@t from origin 'www.mywebsite.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
I have already added the domain into CORS setting in salesforce.