Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Enabling RESTful services for Mobile Customer Portal Users

Enabling RESTful services for Mobile Customer Portal Users

You just developed your killer custom mobile app using your favorite SDK platform. Now you want to distribute your app to your customers and want to use Saleforce.com as your backend. You defined a business model were all your customers are going to use Saleforce ISV Customer Portal Licenses. Then your problems begin. In this session we'll explore the issues and solutions of granting REST services to Customer Portal Users using a mobile app or any other external device.

Aldo Fernandez

April 25, 2013
Tweet

More Decks by Aldo Fernandez

Other Decks in Technology

Transcript

  1. Salesforce Mobile Developer Week Enabling RESTful services for Mobile Customer

    Portal Users Uruguay Salesforce DUG Aldo Fernandez Software Engineer @aldoforce Bruno Fagundez Cloud Hacker @geekymartian
  2. Disclaimer Content and comments from the following presentation are purely

    and solely the responsibility of the speakers and do not reflect in any way or involve the thought of: Salesforce.com, Uruguay Salesforce Developer User Group or any other person involved in the organization of the event. The images, diagrams and texts from other authors cited were properly authorized. Join the conversation: #uysdug #salesforcemobile
  3. Follow UYSDUG for the latest news @uysdug / #uysdug /Uruguay-Salesforce-Developer-User-Group/

    www.uysdug.com Join the conversation: #uysdug #salesforcemobile
  4. Join the conversation: #uysdug #salesforcemobile Mobile Packs Build Mobile web

    and hybrid apps using the language and frameworks you already know and love.
  5. Developing mobile apps to our Users Join the conversation: #uysdug

    #salesforcemobile Authenticate and consume REST services Standard Objects Custom Objects
  6. About our Users, we already know... Join the conversation: #uysdug

    #salesforcemobile • License type: Salesforce or Salesforce Platform in most cases • They are mobile • They can authenticate to Salesforce using web login, SOAP API, REST API, etc. • Mainly they do CRUD operations against Standard and Custom Objects
  7. BUT, what if we want to... Join the conversation: #uysdug

    #salesforcemobile • Allow external Customers to use and interact with our standard/custom objects? • Create a mobile app with engaging content, a great UX, in order to make your Customers part of your business community? CUSTOMER PORTAL (flashing lights and confetti here!)
  8. About our Customer Portal Users, we know... Join the conversation:

    #uysdug #salesforcemobile • They use Customer Portal Licenses • They can register/sign-up using the Customer Portal Web site • They can authenticate using Portal web login and SOAP API • They are Mobile
  9. Regular Users vs Customer Portal Users • License type: Salesforce

    or Salesforce Platform • CRUD operations • Mobile • Authentication ◦ Web Login ◦ SOAP API ◦ REST API • License type: Customer Portal User • CRUD operations • Mobile • Authentication ◦ Portal Login ◦ SOAP API* *Special header settings required Join the conversation: #uysdug #salesforcemobile REST?
  10. Ok, that's easy... right? Join the conversation: #uysdug #salesforcemobile •

    If you try to setup an OAuth authentication process with a user with Customer Portal License...
  11. OAuth and Customer Portal Licenses Join the conversation: #uysdug #salesforcemobile

    • Currently (April 2013), using OAuth with Customer Portal License does not work. • According to insider information, when Salesforce launch Chatter Communities as GA, OAuth will be available for Portal Users • So, for the time being...
  12. Enabling RESTful services to Mobile Customer Portal Users Join the

    conversation: #uysdug #salesforcemobile • First, Customer needs to authenticate using SOAP API. • SOAP API was updated to additionally provide OrgID and PortalID attributes. • After authentication the platform will provide a SessionID token. • Save that SessionID
  13. Enabling RESTful services to Mobile Customer Portal Users Join the

    conversation: #uysdug #salesforcemobile • Include that SessionID in the forthcoming REST requests' Authentication header: Authentication: Bearer SessionID • Submit that request and enjoy a RESTful experience... from your Mobile!
  14. Demo Implementation Join the conversation: #uysdug #salesforcemobile • Use a

    Customer Portal • Publish VF ApexPages as REST endpoints • Make those endpoints to return JSONP callbacks to avoid XSS policy • Request /login and /register pages passing user parameters (USE HTTPS!) • Implement Mobile client to orchestrate the process.
  15. Salesforce Mobile Developer Week Enabling RESTful services for Mobile Customer

    Portal Users Uruguay Salesforce DUG Aldo Fernandez Software Engineer @aldoforce Bruno Fagundez Cloud Hacker @geekymartian Thank you!