Salesforce Developer Security Authentication Delegated Authe
// Salesforce - Developer - Security - Delegated Authentication: Delegated authentication is a form of authentication that forwards the username and password from Salesforce via web-service callout to an admin specified endpoint that can verify and authenticate the user. 1. To build the external webservice, a WSDL is available in the Salesforce setup menu. Navigate to Setup -> Build -> Develop -> Api and click “Delegated Authentication WSDL” 2. Users are enabled for delegated authentication via the “Single Sign-On Enabled” profile permission. Due to the fact that an external system is validating the credentials, it is possible to incorporate more advanced features to this form of authentication, like time based tokens. The downside of this form of authentication is that credentials are sent over the internet. This is not considered a security best practice since it opens up a vector for password disclosure if a malicious actor can insert themselves between Salesforce and your external webservice.
page revision: 0, last edited: 01 Jan 2017 22:57