Skip to main content

Overview

The SalesforceCredentials struct encapsulates the OAuth 2.0 credentials needed to authenticate with Salesforce. This includes client credentials and user credentials for password-based OAuth flow.

Definition

public struct SalesforceCredentials: Sendable

Properties

clientId
String
required
OAuth client ID issued by Salesforce for your OAuth application. This identifies your application to Salesforce during authentication.
clientSecret
String
required
OAuth client secret issued by Salesforce for your OAuth application. This should be kept secure and never exposed in client-side code.
username
String
required
Salesforce username for the user account that will be used for API authentication. This should be a dedicated service account when possible.
password
String
required
Salesforce password for the user account. This should meet Salesforce security requirements and be stored securely.

Initializer

public init(
    clientId: String,
    clientSecret: String,
    username: String,
    password: String
)
Creates a new SalesforceCredentials instance with the provided OAuth and user credentials.

Usage Example

// Create credentials for authentication
let credentials = SalesforceCredentials(
    clientId: "your_oauth_client_id",
    clientSecret: "your_oauth_client_secret",
    username: "your_salesforce_username",
    password: "your_salesforce_password"
)

// Use with CongregationKit
let congregation = try await CongregationKit(
    httpClient: httpClient,
    credentials: credentials
)

Security Best Practices

Credential Storage

  • Environment Variables: Store credentials in environment variables
  • Secure Keychain: Use iOS/macOS keychain for mobile apps
  • Encrypted Storage: Encrypt credentials in persistent storage
  • No Hardcoding: Never hardcode credentials in source code

OAuth Configuration

  • Minimal Scopes: Request only necessary OAuth scopes
  • Client Security: Keep client secrets secure and rotate regularly
  • User Permissions: Use dedicated service account when possible
  • Network Security: Always use HTTPS for credential transmission

Integration Patterns

Environment-Based Configuration

let credentials = SalesforceCredentials(
    clientId: ProcessInfo.processInfo.environment["SALESFORCE_CLIENT_ID"] ?? "",
    clientSecret: ProcessInfo.processInfo.environment["SALESFORCE_CLIENT_SECRET"] ?? "",
    username: ProcessInfo.processInfo.environment["SALESFORCE_USERNAME"] ?? "",
    password: ProcessInfo.processInfo.environment["SALESFORCE_PASSWORD"] ?? ""
)

Keychain Integration (iOS/macOS)

// Store credentials securely
let query: [String: Any] = [
    kSecClass as String: kSecClassGenericPassword,
    kSecAttrAccount as String: "SalesforceCredentials",
    kSecValueData as String: try JSONEncoder().encode(credentials)
]
SecItemAdd(query as CFDictionary, nil)

Validation

  • Required Fields: All fields are required for valid authentication
  • Format Validation: Client ID and username should be non-empty strings
  • Password Security: Password should meet Salesforce security requirements
  • Client Validation: Client ID and secret should be valid OAuth credentials

Build docs developers (and LLMs) love

Get started for freeTalk to us