Salesforce Integration Guide

What Is Salesforce Integration? 🔗 Salesforce Integration Guide

Salesforce integration is the process of connecting Salesforce with external systems to
exchange data and enable seamless workflows. Integrations can help:
- Share data in real-time or in batches
- Trigger processes or notifications
- Extend Salesforce with third-party services
- Keep external systems in sync What Is Salesforce Integration?

Types of Integrations in Salesforce 📘 What Is Salesforce Integration?

Inbound Integration (External System ➡️ Salesforce)

This means external systems call Salesforce to push or fetch data.

Common Examples:
- A web portal sending form data into Salesforce
- An ERP system creating Opportunities or syncing inventory
- A mobile app retrieving customer data from Salesforce 🔄 Inbound Integration
(External System ➡️ Salesforce)

Tools & Technologies Used:

- Salesforce REST/SOAP APIs
- Bulk API / Composite API
- Apex REST Endpoints (Custom web services)
- Connected App (for secure authentication)
- Authentication Providers (OAuth 2.0)

When to Use:
- External system needs to write or read Salesforce data
- You want Salesforce as the data store
- Scenarios where external system initiates the process

Outbound Integration (Salesforce ➡️ External System)

This means Salesforce initiates a call to an external system. 🔄 Outbound Integration
(Salesforce ➡️ External System)
Common Examples:
- Sending a customer record to an external billing system
- Triggering an external API when a case is closed
- Sending lead data to a marketing automation platform

Tools & Technologies Used:

- Named Credentials (secure endpoint & auth management)
- Apex Callouts (HTTP callouts using HttpRequest)
- Outbound Messages (declarative, via Workflow)
- Platform Events (pub/sub async architecture)
- External Services / Flow Integrations
- MuleSoft or Salesforce Connect 🌐 OAuth 2.0 in Salesforce Integrations

When to Use:
- You need to send Salesforce data to an external system
- Salesforce is the source of truth or initiator
- Real-time sync or automation based on record changes

Inbound vs Outbound – Key Differences

Feature Inbound Integration Outbound Integration
Direction External system Salesforce External
Salesforce system
Initiator External system Salesforce
Common Use Case Syncing data into Salesforce Sending data from
Salesforce
Security Tool Connected App, Auth Named Credential, Remote
Provider Site Settings
Authentication Flow OAuth 2.0 or API Key to Salesforce authenticates to
access Salesforce external API
Triggered By External event or job Apex Trigger, Flow,
Platform Event

OAuth 2.0 in Salesforce Integrations

OAuth 2.0 is the industry-standard protocol for authorization. It's used when you need
secure, token-based access between Salesforce and external systems — whether you're
calling into Salesforce (Inbound) or from Salesforce (Outbound).

Where OAuth 2.0 Is Used:

- Inbound integrations via Connected App
- Outbound integrations via Named Credentials (when set to OAuth 2.0)
- User-to-server and server-to-server flows
Key OAuth Endpoints in Salesforce

1. Authorization Endpoint
Purpose: Used to initiate the OAuth flow and get the user's authorization to access data.
Typical URL: https://login.salesforce.com/services/oauth2/authorize
What Happens Here?
- The user is redirected to this endpoint
- They log in and approve the app’s access
- Salesforce responds with an authorization code

2. Token Endpoint
Purpose: Used to exchange the authorization code for an access token.
Typical URL: https://login.salesforce.com/services/oauth2/token
What Happens Here?
- A POST request is made with:
- grant_type=authorization_code
- client_id, client_secret
- code (from the previous step)
- Salesforce returns an access token (and optionally a refresh token)
- This token is used to call Salesforce APIs

Common OAuth 2.0 Flows in Salesforce

OAuth Flow
OAuth Flow
Authorization Code
Client Credentials (JWT)
Username-Password
Refresh Token
Device Flow (newer)
Use Case
Web apps needing user
login
Server-to-server auth
without user interaction
Simple integration (less
secure)
Keep session alive without
re-authenticating
IoT or limited UI devices
Example
Portal login to Salesforce
Middleware sending data to
Salesforce
Legacy systems with basic
auth
Background processes
Salesforce integrations on
kiosks

Bonus Tips
- Use Named Credentials in Salesforce to simplify managing OAuth tokens for outbound
callouts
- Use Connected App + Auth Provider when allowing external apps/users to connect to
Salesforce
- Use refresh tokens to keep long-running integrations alive without re-authorization
- Monitor OAuth usage in Salesforce under Setup → Connected Apps OAuth Usage
OAuth 2.0 Flowchart:

Real-world JSON Example for OAuth 2.0

{
"authorization_code_request": {
"url": "https://login.salesforce.com/services/oauth2/authorize",
"params": {
"client_id": "your-client-id",
"response_type": "code",
"redirect_uri": "https://your-app.com/callback",
"scope": "full",
"state": "secureRandomString"
},
 "example_response": {
"code": "authorization_code_from_salesforce"
}
},
"token_request": {
"url": "https://login.salesforce.com/services/oauth2/token",
"params": {
"grant_type": "authorization_code",
"client_id": "your-client-id",
"client_secret": "your-client-secret",
"code": "authorization_code_from_salesforce",
"redirect_uri": "https://your-app.com/callback"
},
"example_response": {
"access_token": "access_token_from_salesforce",
"refresh_token": "refresh_token_from_salesforce",
"instance_url": "https://your-org.salesforce.com",
"id": "https://login.salesforce.com/id/00Dxx0000001ABeU",
"token_type": "Bearer",
"issued_at": "1587056239025",
"signature": "oauth_signature"
}
}
}