This helped me solve one issue, i was trying to add read permission to account through permission set without selecting that Salesforce Api integration license😅
Thanks for this! it worked with the example you provided, however when I added create and edit to the permission set and then tried to create an account through api endpoint I got an access error. Is there a reason for this?
Hi Samarth Thanks for explaining everything step by step. I have few queries. You didn't provide the username and password, to fetch the details from the org. Is it following the below flow: Call to app using cleint id n creds --> connects to run as user internally--> fetches data based on the user access? Also how the server-to-server call works here, dont we have to share the client id n secret with the other team for the connection? In our org we have OAuth2 connection where the grant type is password, which takes below parameters : Username, password, grant_type, client id and secret. Isn't this version more secure than then Client Credentials Flow? Thanks in advance. Arti
Hi Arti, the flow which you’re talking about is username password. This one is not recommended anymore by Salesforce. And client credentials flow is more secure than it. We have the share the consumer key and secret to the external application for this to work. If you want more secure flow, then you can even check JWT bearer flow.
@@artidhamale6693 No because username and password are shared as well. Sharing password is never a good option. But in Client Credentials flow, the running user only has the API only permission, i.e. the user can only login through the API and not through UI