This post defines the use of a JSON Web Token (JWT) Bearer Token as a means for requesting an OAuth 2.0 access token as well as for use as a means of client authentication
To start that we use the openssl command in the Mac Terminal
openssl req -newkey rsa:2048 -nodes -keyout PrivateKey.key -x509 -days 3650 -out certFile.crt
Then enter
- Country Name
- State or Province Name
- Locality Name
- Organization Name
- Organizational Unit Name
- Common Name
- Email Address
- Password
Then create a connected app with the crt certificate added in the digital certificate field and make sure you connected app oauth scope is same as the one in the screenshot
Then you can use this nodejs code with the generated private key and the consumer key of the connected app to test the JWT authorization process
app.js
var request = require('request');
var jwt = require('jsonwebtoken');
var key = require('fs').readFileSync('./privateKey.key', 'utf8');
var options = {
issuer: '3MVG9ahGHqp.k2_xJWFqMa_0.Sjm3JAVRwNf5ZeRrM5qel7a6ZXfBdQDYCJGD9FCP9rt15pSaFfvye8Umb7GN',
audience: 'https://login.salesforce.com',
expiresIn: 3,
algorithm: 'RS256'
}
var token = jwt.sign({ prn: '[Username]'}, key, options)
var post = {
uri: 'https://login.salesforce.com/services/oauth2/token',
form: {
'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
'assertion': token
},
method: 'post'
}
console.log('<<<<Start>>>>');
console.log(post);
console.log('<<<<Stop>>>>');
request(post, function(err, res, body) {
console.log(err);
console.log(res.statusCode);
console.log(body);
});
node app
And the response contains the access token to handle your DML operations
<?xml version="1.0" encoding="UTF-8"?>
<OAuth>
<scope>id api web visualforce chatter_api</scope>
<instance_url>https://gs0.salesforce.com</instance_url>
<token_type>Bearer</token_type>
<access_token>00DB000000016kK!ARIAQPfbsILjfMO9jj2rMKnprMXwSmhLumEMpkjOaIacFNycKZQfUWmUsUblRuTil1b1Ro56_Fu7URzxa_vTH26JULV4Xlz7
</access_token>
</OAuth>
Conclusion
So there you have it, a minimal code to implement the JWT authentification process in Salesforce.