All about the integration between DemocracyLab's web site and Salesforce instance
Based on OAuth 2.0 JWT Bearer Flow for Server-to-Server Integration
Access to Salesforce data is provided by the Lightning Platform REST API. Exposing this API from DemocracyLab's Salesforce instance is achieved by configuring a Salesforce connected app, which in our case is named "DemocracyLab Integration." This connected app secures the API by way of a signed certificate (used to generate a JSON web token).
Note: When working with a sandbox org, refreshing the sandbox will change the client key and invalidate the previous security configuration.
Some important security settings:
- Use some cryptography framework (e.g. OpenSSL) to create a private key and a self-signed certificate
- Create the JWT (JSON web token), signing it with the certificate's private key. You could use Node's built-in crypto module or the pyjwt library, to name just two available alternatives
- Authenticate with the Salesforce API by using the JWT as the assertion in the access token request:
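import requests
# signed_jwt is the JWT from the previous step; sandbox orgs use test.salesforce.com as the host
response = requests.post(
    'https://login.salesforce.com/services/oauth2/token',
    data={
        'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
        'assertion': signed_jwt,
    },
    headers={'content-type': 'application/x-www-form-urlencoded'},
)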
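The JWT creation and token request steps above, written with Node's built-in crypto module as an added example (not DemocracyLab's own code). The claim set (iss, sub, aud, exp) follows Salesforce's documentation for this flow and is not spelled out on this page; the key pair, consumer key and username are constructed sample values, and `checkAssertion` is a hypothetical local pre-flight check.

```javascript
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Step 2: build the JWT and sign it with the private key (RS256).
function buildAssertion({ consumerKey, username, audience, privateKey, now = Date.now() }) {
  const claims = {
    iss: consumerKey, // the connected app's client (consumer) key
    sub: username,    // the Salesforce user the integration runs as
    aud: audience,    // login host: production or sandbox
    exp: Math.floor(now / 1000) + 180, // keep the assertion short-lived
  };
  const signingInput = `${b64url(JSON.stringify({ alg: 'RS256' }))}.${b64url(JSON.stringify(claims))}`;
  const signature = crypto.sign('sha256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64url(signature)}`;
}

// Local pre-flight check: returns the claims only if the signature matches the
// certificate's public key and the assertion has not expired, otherwise null.
function checkAssertion(jwt, publicKey, now = Date.now()) {
  const parts = jwt.split('.');
  if (parts.length !== 3) return null;
  const [header, payload, signature] = parts;
  const valid = crypto.verify('sha256', Buffer.from(`${header}.${payload}`),
    publicKey, Buffer.from(signature, 'base64url'));
  if (!valid) return null;
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  return claims.exp > Math.floor(now / 1000) ? claims : null;
}

// Step 3: form-encoded body of the access token request.
function tokenRequestBody(assertion) {
  return new URLSearchParams({
    grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
    assertion,
  }).toString();
}

// Constructed sample values: a throwaway key pair stands in for the OpenSSL-generated
// key and certificate; the consumer key and username are placeholders.
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const SAMPLE_NOW = 1700000000000;
const sampleJwt = buildAssertion({
  consumerKey: 'EXAMPLE_CONSUMER_KEY',
  username: 'integration.user@example.org',
  audience: 'https://test.salesforce.com',
  privateKey,
  now: SAMPLE_NOW,
});
```

Running `checkAssertion` against the public key of the certificate uploaded to the connected app catches a mismatched key pair or a stale assertion before the token request is sent.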
[TODO]
See https://documenter.getpostman.com/view/150694/SzmY9MgZ
Other developer resources