OAuth Support for Refresh tokens flow #58
Conversation
README.md
Outdated
|
|
||
| 1. Log in to Salesforce as an admin. In the top right corner, click on the gear icon and go to `Setup` | ||
| 2. On the left sidebar, expand `Apps`, expand `External Client Apps`, click `Settings` | ||
| 3. Toggle on `Allow access to External Client App consumer secrets via REST API` |
There was a problem hiding this comment.
Are we sure this step 3 is required?
There was a problem hiding this comment.
Based on my recent test, it seems that refresh token flow works with this toggle turned off. Going to exclude this step for now.
README.md
Outdated
| 7. Under the `API (Enable OAuth Settings)` section: | ||
| 1. Click on the checkbox to Enable OAuth Settings | ||
| 2. Provide a callback URL like `http://localhost:5555/callback` | ||
| 3. In the Selected OAuth Scopes, make sure that `refresh_token`, `api`, `cdp_query_api`, `cdp_profile_api` is selected |
There was a problem hiding this comment.
Nit-pick- "is selected" -> "are selected"
README.md
Outdated
| 1. In the `App Authorization` section, choose an appropriate Refresh Token Policy as per your expected usage and preference. | ||
| 2. Under `App Authorization`, set IP Relaxation to `Relax IP restrictions` unless otherwise needed | ||
| 9. Click `Save` | ||
| 10. Go to the `Settings` tab, under `OAuth Settings`. There, you can use the `Consumer Key and Secret` button to obtain the `client_id` and `client_secret` used during configuring credentials using this SDK |
There was a problem hiding this comment.
Might be more explicit about this instruction: Click this button, then copy those values.
src/datacustomcode/cli.py
Outdated
| @click.option( | ||
| "--auth-type", | ||
| type=click.Choice(["oauth_tokens", "username_password"]), | ||
| default=None, |
There was a problem hiding this comment.
Should we default to OAuth? Similarly, maybe we note this in the README, that users know we'd recommend OAuth over username/password for security reasons.
| "client_secret": "SFDC_CLIENT_SECRET", | ||
| "refresh_token": "SFDC_REFRESH_TOKEN", | ||
| "core_token": "SFDC_CORE_TOKEN", | ||
| } |
There was a problem hiding this comment.
Note for future improvement: I don't think we have these env vars documented in the README yet. Some prefer env vars over INI file, so would be good to have them documented as an alternative to the configure command.
No description provided.