Using Named Credentials to simplify your Apex callouts – part 1

What are Named Credentials?

Named Credentials were introduced by Salesforce in the Spring ’15 release. In this blog I will cover the basic functionalities of Named Credentials and why you should start using them today.

The official description of named credentials in the Salesforce help is:

A named credential specifies the URL of a callout endpoint and its required authentication parameters in one definition. 

Salesforce manages all the authentication for Apex callouts that specify a named credential as the callout endpoint, so that your code doesn’t have to.

This means there are two major reasons to start using named credentials today:

  1. You no longer have to store your user credentials yourself anymore
  2. You no longer have to handle the authentication yourself anymore

Let’s dive a little deeper into those two advantages.

 

No longer store user credentials yourself

Before named credentials were introduced, as a developer you had to store the user credentials somewhere in Salesforce. I’ve seen several different solutions to do this: custom objects, custom settings, custom metadata types and even static resources. Although all of these solutions get the job done, most of them come with one or more downsides. If you use named credentials, you store the user credentials in the named credential itself. This means that you get an out-of-the-box solution for storing the user credentials without having to create your own solution. Also, it’s easier for your admins to maintain these credentials since they can be found in Salesforce setup. If you’re an admin working with several orgs and each org has its own solution built in, switching to named credentials will simplify your life as an admin.

 

No longer handle authentication in your code

When you use named credentials, the Salesforce platform handles all the authentication for you. For basic authentication, the code isn’t very complicated, but for oAuth connections it is. So having the platform handle all this for you is a great advantage, especially for oAuth connections.

The following example illustrates how named credentials simplify an apex callout. First let’s take a look at an example of an apex callout without the use of named credentials:

 


public with sharing class BasicAuthExample{
    private String username = 'someone@example.com';
    private String password = 'myS@mpleP@ssw0rd';
    private String endpoint = 'https://somerandomendpoint.com';

    public void doBasicAuthenticationCallout(){
        Http http = new Http();
        HttpRequest req = new HttpRequest();

        req.setMethod('POST');
        req.setEndpoint(this.endpoint);

        //This adds the basic authentication header to the callout
        Blob headerValue = Blob.valueOf(this.username + ':' + this.password); 
        String authHeader = 'BASIC ' + EncodingUtil.base64Encode(headerValue); 
        req.setHeader('Authorization', authHeader);

        HttpResponse response = http.send(req);

        //Code to handle the response goes here
    }
}

 

Here’s the same code, but now using named credentials. As you can see, the code is much more simple and does not contain any code handling the authentication.

 
public with sharing class BasicAuthExample{
 
    public void doBasicAuthenticationCallout(){ 
        Http http = new Http(); 
        HttpRequest req = new HttpRequest(); 
        req.setMethod('POST'); 
        req.setEndpoint('callout:namedCredExample'); 

        HttpResponse response = http.send(req); 

        //Code to handle the response goes here 
    } 
} 

 

Supported types of authentication

Named Credentials support both anonymous and authenticated web service callouts. For authenticated web service callouts both Basic Authentication (Password Authentication) and OAuth 2.0 are currently supported. I expect that in future releases also other types of authentication will be supported, like for example digest authentication.

Regarding the user credentials you can either choose for Named Principle (integration user) or authentication by user. The Salesforce platform will take care of the authentication for you.

 

 

In part 2 I will cover how to use Named Credentials in different scenario’s, for example a Salesforce to Salesforce integration.

 

 

Share this postTweet about this on TwitterShare on LinkedInShare on FacebookPin on PinterestShare on Google+