Create a Connected App in Salesforce as Your Apex REST API Gateway

This entry is part three of a four-part series on “How to Create Your Own REST Endpoints in SalesForce and Consume Them From an External Application.” Here are links to parts 1 and 2:

Part 1: Create Your Own REST API Endpoints in Salesforce Using Apex REST
Part 2: Generate a New Certificate with OpenSSL for Use with Salesforce Connected App

In this installment, let’s explore how to create a new Connected App in Salesforce to serve as the Gateway into our org to external client apps that will be using the APIs we created.

select App Manager from search results

From the Setup App, search for “app” and click on the “App Manager” link. From the App Manager listing screen, click on the “New Connected App” button.

New Connected App button within the Lightning Experience App Manager
New Connected App button within the Lightning Experience App Manager

Fill out some basic information like a name for the app and an email address to serve as the contact for this app. The next part, “API (Enable OAuth Settings)” is most relevant to our discussion, here.

New Connected App data-entry screen
New Connected App data-entry screen

Note my particular selections:

  • First, check the “Enable OAuth Settings” box to enable external apps to authenticate using an OAuth flow.

Click “Save” to create your new Connected App. Wait 2–10 minutes for your changes to take effect.

Take a note of the new Consumer Key that was generated by Salesforce, for your new Connected App. We’ll need this key when authenticating our external app, later.

There are a few more configurations that we need to make to allow for our external client application to connect to our Salesforce org. Click on the “Manage” button for your app.

Manage button for the Connected App
Manage button for the Connected App

Click on “Edit Policies” in the new screen that appears.

Edit policies button for Connected App
Edit policies button for Connected App
preapproval and IP restrictions selections
preapproval and IP restrictions selections

There are two changes that I want to make here:

  • Permitted Users: I want to select “Admin approved users are pre-authorized.” As stated before, my client-app will run as a daemon, without the context of a connected user. As such, my permission must be preauthorized by an admin because my program won’t be logging-in as a user upon initial run.

Save your changes.

Back on the landing page, scroll down to the Profiles section and click on the “Manage Profiles” button.

Manage profiles button
Manage profiles button

I’m going to be running my demo client app under the context of my own username, on my own org. And as I’m a System Administrator on my org, I’m going to select the “Systems Administrator” profile to allow any user on my Org, belonging to that profile, to run my app and authenticate against my Org, successfully.

User profiles selection boxes
User profiles selection boxes

Congratulations! You have created a new Connected App within Salesforce and made all the configurations to allow an external client application to authenticate against your Org, and exercise the API endpoints that you have setup. I hope you’ll join me in the last part of this series, where we’ll create and run such an external app, reading and updating data in our Salesforce org. See you on the next one.

Part 4: Connect to a Salesforce APEX REST API from a C# Console Application

Software Engineer, working in the IT scene for the past 18+ years. Husband. Father to two lively, energetic boys. We live in Nashville, TN