1. pankaj989's Avatar
    I have my Salesforce organization configured to use SSO through Azure Active Directory. Now I'm trying to use Azure AD and the 'On Behalf of Flow' to authenticate to the Salesforce REST API.

    For the Setup of API A in the diagram I have added the user_impersonation permission for Salesforce and have granted Admin Consent for it.

    I'm able to successfully authenticate to API A and complete the token exchange, and receive a token for salesforce. However, when calling salesforce using the token I get back from Azure AD, I receive a 401 unauthorized. salesforce admin certification has been developed for Beginners, Intermediate, and advanced Salesforce users to enhance your knowledge and understanding of the Salesforce CRM platform.

    This is the code I'm using on Web API A to exchange for the Salesforce Access Token

    //Get the original JWT From the header
    var authZhdr = Request.Headers.FirstOrDefault(h => h.Key.Equals("Authorization"));
    var token = authZhdr.Value.FirstOrDefault().Substring(7);

    //Exchange original JWT for Salesforce Token
    IConfidentialClientApplication clnt = ConfidentialClientApplicationBuilder
    .Create(_config.GetValue<string>("AzureAd:ClientId"))
    .WithClientSecret(_config.GetValue<string>("AzureAd:ClientSecret"))
    .WithAuthority(AadAuthorityAudience.AzureAdMyOrg)
    .WithTenantId(_config.GetValue<string>("AzureAd:TenantId"))
    .Build();
    UserAssertion ua = new UserAssertion(token);

    var res = clnt.AcquireTokenOnBehalfOf(new string[] { "https://<my-org>-dev-ed.my.salesforce.com/user_impersonation" }, ua).ExecuteAsync().Result;

    var access_token = res.AccessToken

    var http = new HttpClient();
    http.BaseAddress = new Uri("https://<my-org>-dev-ed.my.salesforce.com/services/data/v50.0/");
    http.DefaultRequestHeaders.Authorization = new AuthorizationRequestHeader("Bearer", access_token);

    var resp = await http.GetAsync("/sobjects/Account");

    Console.Log(resp.StatusCode) //401 Unauthorized
    11-22-2022 01:44 PM
  2. B. Diddy's Avatar
    Welcome to Android Central! I moved this to the Developers Lounge for more specific traffic.
    11-22-2022 06:53 PM
  3. Thomas_George's Avatar
    Do you need to use JSON object in order to pass parameters when calling the SalesForce web API?
    11-24-2022 06:15 AM

Similar Threads

  1. Manifest V3 and uBlock origin
    By Golfdriver97 in forum General News & Discussion
    Replies: 8
    Last Post: 12-10-2022, 03:00 AM
  2. Samsung Galaxy A7 Tablet Won't Turn On (Black Screen of Death)
    By disman00911 in forum General Help and How To
    Replies: 8
    Last Post: 11-23-2022, 11:34 AM
  3. Cannot sign on, cannot get password reset
    By Android Central Question in forum Ask a Question
    Replies: 3
    Last Post: 11-21-2022, 11:17 PM
  4. Why do ipods and iphones have different plug in outlets?
    By Android Central Question in forum Ask a Question
    Replies: 1
    Last Post: 11-21-2022, 09:49 PM
  5. Multiple Phones. If you could only take one on a trip...
    By bembol in forum General News & Discussion
    Replies: 3
    Last Post: 11-21-2022, 06:42 PM
LINK TO POST COPIED TO CLIPBOARD