R1D39 Secrets in Salesforce
My entire Trailhead journey started because I wanted to write a couple of custom integrations for work. I made a working POC hacking together various bits and pieces of information that I found online, but taking a step back to actually learn how Salesforce works has been really great.
I am ready to make a non-hacky solution to the problem that I initially set out to solve. In order to get this to work though, I need some way to manage secrets within Salesforce so that I can securely store my API authentication token for the third party service that I am integrating with.
Luckily, there is Trailhead module on Secure Secret Storage in Salesforce.
Salesforce offers a feature called Named Credentials which offers a very straightforward way to manage secrets. Specifically those involving authenticating against a third party API.
Rather than hard-coding the value into your code, you can leverage named credentials to store secrets, allowing you to refer to the named credential to access the secret value, as if it were any other variable in your code.Sadly, this did not seem to work for me because the API I was using expects a token in the URL rather than allowing for basic authentication.
There are a couple other strategies in place for storing secrets, but they seem like overkill for my specific project.
Thank you for reading! Share your thoughts with me on bluesky, mastodon, or via email.
Check out some more stuff to read down below.
Most popular posts this month
- 2024
- Reinstalling Windows at 1am
- SQLite DB Migrations with PRAGMA user_version
- My Custom Miniflux CSS Theme
- How to Disable Wayland in Debian Testing
Recent Favorite Blog Posts
This is a collection of the last 8 posts that I bookmarked.
- The Software Essays that Shaped Me from Refactoring English
- Give Your Spouse the Gift of a Couple's Email Domain from mtlynch.io
- Skip the Next iPhone from Articles on Jose M.
- Have smart glasses finally hit an inflection point? from The Torment Nexus
- The McPhee method from the jsomers.net blog
- Pluralistic: LLMs are slot-machines (16 Aug 2025) from Pluralistic: Daily links from Cory Doctorow
- Pluralistic: Bluesky creates the world's weirdest, hardest-to-understand binding arbitration clause (15 Aug 2025) from Pluralistic: Daily links from Cory Doctorow
- Just a Little More Context Bro, I Promise, and It’ll Fix Everything from Jim Nielsen’s Blog
Articles from blogs I follow around the net
Pluralistic: Carl Hiaasen's 'Fever Beach' (21 Oct 2025)
Today's links Carl Hiaasen's 'Fever Beach': If you didn't laugh, you'd have to cry. Hey look at this: Delights to delectate. Object permanence: Scary Godmother; Nightvale novel; The war on Worker's Comp; Cadillac's murdermo…
via Pluralistic: Daily links from Cory Doctorow October 21, 202510 pointless facts about me
Found on Kev’s blog and originally started by Dave, here are my answers to this fun blog challenge: Do you floss your teeth? Sometimes. I’d say maybe a few times a week? I’m terrible at being consistent, and that includes flossing regularly. Tea, co…
via Manuel Moreale — Everything Feed October 21, 2025Getting started with simple CSS View Transitions
There's (yet another) new piece of CSS to learn! Hurrah! Way back in 2011, jQuery mobile introduced the web to page-change animations. Clicking on a link would make your high-tech Nokia display a cool page-flip as you navigated from one page of a web…
via Terence Eden’s Blog October 21, 2025Generated by openring