Oauth Authorization flows in Salesforce | Web Server flow | JWT Bearer token flow

NO ONE HAS DONE A BETTER JOB OF EXPLAINING THIS THAN YOU. THANK YOU SO MUCH. YOU HAVE UNMYSTIFIED THIS FOR ME.................

Very informative, E2E, I had tough times understanding named credentials, certifications, JWT related concepts, this cleared all. thanks a lot.

Excellent quality. Very well explained

Very helpful, so much informative. No one has explained better then Debarun Sengupta.

Incredibly well explained demo. Great work!

Very nicely explained. This information is pure gold!!

This is one of the best session for JWT found for SF. Very well and point to point explained. Very well done Debarun. Thanks for this session.

csr is cert signing request using which you request the actual cert (crt) file from a CA (cert authority). You mentioned even csr also as certificate which is incorrect but overall a super good explanation of material

No explanation can be better than this, the presentation has one of the best brevity.
Thanks for making this video. Great work & keep it up.

Thank you! This material was utterly perfect!

Nice explanation. And your work to host interesting developer sessions is awesome. Thanks for that.

Wonderfully explained. Thanks for taking time to put this video

Thank you so much for this, you literally saved my job with this

Excellent explanation with execution, it's worked
Thanks for the Video

Awesome session. Very easy to understand

Great explanation, it helped me a lot. Thank you!

Great explanation! -Thank you so much.

Thanks for this helpful session!

Wonderful Session!!

Exactly what I was looking for. Thanks a lot!

Nicely Explained. Thanks!

well-structured video, good job

A very good video. I recommend this!

This is the best tutorial video I have ever seen. You absolutely nailed it.🙏

Thank you. Excellent post on this topic.

nice explanation with demo, AS i am looking for JWT implementation reference. thanks to Apexhours and team

Great video! Helped me with my poc :)

Thank you so much.

Debarun Sengupta you explain every concepts in detail and that too really well.
Please do more sessions like this.Thank you so much.

Awesome explanation

Excellent Explanation

How can we use this procedure for post requests? On attempting, the request body was showing as null in the destination environment where the request was sent

Nice Video !!!

Hi have a question regarding the release update that is related to oauth "Enforce OAuth Scope for Lightning Apps". This release update says that this update enforce the scope of an Oauth token used to authenticate a Lightning app.This change prevent a Lightning app from using Oauth token with unintended permission. I am confused with this release update about the unintended permission. What does it mean???

well explained.

I need to use this flow to verify guest user from the community site from only one org..does it work?

While importing .jks file I am getting following error "The data you were trying to access could not be found. It may be due to another user deleting the data or a system error. If you know the data is not deleted but cannot access it, please look at our support page".

It is very helpful and nicely demonstrated. Can you add another video about how to add additional custom claims in JWT authentication in the connected app side?

I am getting Error in "Oauth JWT Bearer token flow walkthrough with postman" can someone help me?
grant_type = urn:ietf:params:oauth:grant-type:jwt-bearer
here is the error:
{
"error": "invalid_grant",
"error_description": "expired authorization code"
}

Please guide me, i am getting following error..when i run from postman then it is working fine but if from any other domain it is giving following error
Access to fetch at '@t from origin 'www.mywebsite.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
I have already added the domain into CORS setting in salesforce.

How many times the "Nothing but" is used in this video?

Why we don't use client secret for Authorization?

Thank you so much its very useful video. I have a question can we integrate Pardot using JWT Bearer token flow?

you have done it in a way that it is extremely difficult to understand, for one who is trying to learn.

Can we have a video/session on different grant types flows as well? Is there anyways we can put questions to Apex Hours team?

Great explanation. Very useful video. Is the access token different from Session Id or both are same?

This is the best video I found explaining JWT in detail within Salesforce. But I have a question. Why not generate a self-signed certificate within Salesforce instead of importing it from Java Keystore. Isn't it basically the same thing. With the button 'Self-signed certificate' you bypass all the hassle of creating a certificate and then converting to JKS format. Also I am wondering if you import from Java keystore its only the certificate, but what about the private key. Doesn't Salesforce need private key to create jwt in auth header.

Great explanation could you please let me know if I want to get information of second org Salesforce then I need to create connected app in second org and named credentials on first org?

Brilliant tutorial just shy of perfection because you forgot to show us one very crucial step due to which it took me hours to figure out why I was getting error. For someone who directly jumps to JWT authorization flow, you should mention how to perform prior approval of client app. Otherwise we'll get an error in Post request "user hasn't approved this consumer".

How will I get the Slides presented here ?

Hi Debarun Sengputa You absolutely nailed it (y) great job.. I have a question can we use JWT to integrate with third party (API Gateway) to Salesforce?

This video is really helpful. Thanks for the content.
But I'm facing error while converting pem file to jks file in the 3rd cmd "keytool -keystore //servercert.jks -changealias -alias 1 -destalias salesforcetest"
Error I'm facing: Illegal option: -
Please help me on this.Thanks.

I am not able to get the references slide.
Can you please share the link

Can you create a video to Use External Data Source With Auth Provider sending Azure JWT token in Header for another server to get data .This would be a great help.