R1D39 Secrets in Salesforce
My entire Trailhead journey started because I wanted to write a couple of custom integrations for work. I made a working POC hacking together various bits and pieces of information that I found online, but taking a step back to actually learn how Salesforce works has been really great.
I am ready to make a non-hacky solution to the problem that I initially set out to solve. In order to get this to work though, I need some way to manage secrets within Salesforce so that I can securely store my API authentication token for the third party service that I am integrating with.
Luckily, there is Trailhead module on Secure Secret Storage in Salesforce.
Salesforce offers a feature called Named Credentials which offers a very straightforward way to manage secrets. Specifically those involving authenticating against a third party API.
Rather than hard-coding the value into your code, you can leverage named credentials to store secrets, allowing you to refer to the named credential to access the secret value, as if it were any other variable in your code.Sadly, this did not seem to work for me because the API I was using expects a token in the URL rather than allowing for basic authentication.
There are a couple other strategies in place for storing secrets, but they seem like overkill for my specific project.
Thank you for reading! Share your thoughts with me on bluesky, mastodon, or via email.
Check out some more stuff to read down below.
Most popular posts this month
- SQLite DB Migrations with PRAGMA user_version
- Making cgit Pretty
- Using cgit
- My Custom Miniflux CSS Theme
- Convert Markdown to PDF in Sublime Text
Recent Favorite Blog Posts
This is a collection of the last 8 posts that I bookmarked.
- Rewrote my blog with Zine from Drew DeVault's blog
- A eulogy for Vim from Drew DeVault's blog
- Pluralistic: AI "journalists" prove that media bosses don't give a shit (11 Mar 2026) from Pluralistic: Daily links from Cory Doctorow
- Avi Alkalay: Uniqlo T-Shirt Bash Script Easter Egg from Fedora People
- Offline 23 hours a day from Derek Sivers blog
- Pluralistic: California can stop Larry Ellison from buying Warners (28 Feb 2026) from Pluralistic: Daily links from Cory Doctorow
- On Alliances from Smashing Frames
- Acting ethically in an imperfect world from Smashing Frames
Articles from blogs I follow around the net
“Plain text has been around for decades and it’s here to stay.”
There’s a category of “plain text” or “ASCII” diagramming and UI design tools: Mockdown – works immediately on the web, even on mobile Wiretext – works on the web, but desktop only Monodraw – a Mac app I believe these are used by people who prefer intentio...
via Unsung April 24, 2026Pluralistic: A free, open visual identity for enshittification (24 Apr 2026)
Today's links A free, open visual identity for enshittification: No mere poop emoji! Hey look at this: Delights to delectate. Object permanence: RIAA v little girl; Portal turret Easter egg; Atari v indie games; Chabon's Phantom Tollbooth intro; The 0.1%;...
via Pluralistic: Daily links from Cory Doctorow April 24, 2026Nicolas Solerieu
This week on the People and Blogs series we have an interview with Nicolas Solerieu, whose blog can be found at slrncl.com/blog. Tired of RSS? Read this in your browser or sign up for the newsletter. People and Blogs is supported by the "One a Month" club...
via Manuel Moreale — Everything Feed April 24, 2026Generated by openring