Salesforce Developer Security Auth Oauth Websso Samlflow

salesforce-developer-security

// Salesforce - Developer - Security - OAuth - Web SSO SAML Assertion Flow:

The SAML assertion flow is an alternative for organizations that are currently 
using SAML to access Salesforce, and want to access the Web services API the 
same way. The SAML assertion flow can only be used inside a single organization. 
You do not have to create a connected app to use this assertion flow. Clients 
can use this to federate with the API using a SAML assertion, in much the same 
way as they would federate with Salesforce for Web single sign-on.

There are two important things of note with this flow:

1. This flow does not use a client_id or client_secret.

2. No refresh token is granted, only an access token.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License