R1D39 Secrets in Salesforce
My entire Trailhead journey started because I wanted to write a couple of custom integrations for work. I made a working POC hacking together various bits and pieces of information that I found online, but taking a step back to actually learn how Salesforce works has been really great.
I am ready to make a non-hacky solution to the problem that I initially set out to solve. In order to get this to work though, I need some way to manage secrets within Salesforce so that I can securely store my API authentication token for the third party service that I am integrating with.
Luckily, there is Trailhead module on Secure Secret Storage in Salesforce.
Salesforce offers a feature called Named Credentials which offers a very straightforward way to manage secrets. Specifically those involving authenticating against a third party API.
Rather than hard-coding the value into your code, you can leverage named credentials to store secrets, allowing you to refer to the named credential to access the secret value, as if it were any other variable in your code.Sadly, this did not seem to work for me because the API I was using expects a token in the URL rather than allowing for basic authentication.
There are a couple other strategies in place for storing secrets, but they seem like overkill for my specific project.
Thank you for reading! Share your thoughts with me on bluesky, mastodon, or via email.
Check out some more stuff to read down below.
Most popular posts this month
- Lev Lazinskiy
- SQLite DB Migrations with PRAGMA user_version
- My Custom Miniflux CSS Theme
- Convert Markdown to PDF in Sublime Text
- Terminal RSS Reader With Nom
Recent Favorite Blog Posts
This is a collection of the last 8 posts that I bookmarked.
- The social contract of writing from jola.dev
- My Running Tips from Kevin Bell's Blog
- tweet from Derek Sivers blog
- Rewrote my blog with Zine from Drew DeVault's blog
- A eulogy for Vim from Drew DeVault's blog
- Pluralistic: AI "journalists" prove that media bosses don't give a shit (11 Mar 2026) from Pluralistic: Daily links from Cory Doctorow
- Offline 23 hours a day from Derek Sivers blog
- Pluralistic: California can stop Larry Ellison from buying Warners (28 Feb 2026) from Pluralistic: Daily links from Cory Doctorow
Articles from blogs I follow around the net
“Big, fast, careless swipes”
In game development, there is this strange effect known as “tunneling.” It happens when you do collision detection. Imagine a simple situation where every time you move a cube, you also test whether it touches the wall – and if it does, you make it bounce...
via Unsung June 12, 2026Pluralistic: Google's new remote attestation scheme is every bit as terrible as its old remote attestation scheme (12 Jun 2026)
Today's links Google's new remote attestation scheme is every bit as terrible as its old remote attestation scheme: Not even a QR code can produce a kissable pig. Hey look at this: Delights to delectate. Object permanence: Arrested at Toronto G20; Rule by...
via Pluralistic: Daily links from Cory Doctorow June 12, 2026Second Circuit rejects Sam Bankman-Fried’s appeal
The Second Circuit upholds Bankman-Fried’s conviction and 25-year sentence, leaving few remaining options for the disgraced crypto executive
via Citation Needed June 12, 2026Generated by openring