@salesforce/afv-skills 1.8.0 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/skills/activating-datacloud/CREDITS.md +5 -0
- package/skills/activating-datacloud/README.md +39 -0
- package/skills/activating-datacloud/SKILL.md +118 -0
- package/skills/analyzing-omnistudio-dependencies/CREDITS.md +5 -0
- package/skills/analyzing-omnistudio-dependencies/SKILL.md +477 -0
- package/skills/analyzing-omnistudio-dependencies/references/dependency-patterns.md +508 -0
- package/skills/analyzing-omnistudio-dependencies/references/namespace-guide.md +300 -0
- package/skills/building-omnistudio-callable-apex/CREDITS.md +9 -0
- package/skills/building-omnistudio-callable-apex/README.md +80 -0
- package/skills/building-omnistudio-callable-apex/SKILL.md +276 -0
- package/skills/building-omnistudio-callable-apex/assets/pattern_callable_openinterface.cls +40 -0
- package/skills/building-omnistudio-callable-apex/assets/pattern_callable_vanilla.cls +32 -0
- package/skills/building-omnistudio-callable-apex/assets/pattern_migration.cls +54 -0
- package/skills/building-omnistudio-callable-apex/assets/pattern_openinterface.cls +45 -0
- package/skills/building-omnistudio-callable-apex/assets/pattern_test_class.cls +65 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_QuoteByProductCallable/IndustriesCallableException.cls +7 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_QuoteByProductCallable/Industries_QuoteByProductCallable.cls +115 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_QuoteByProductCallable/Industries_QuoteByProductCallableTest.cls +189 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_QuoteByProductCallable/TRANSCRIPT.md +115 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterface2Conversion/IndustriesCallableException.cls +7 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterface2Conversion/MyCustomCallable.cls +74 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterface2Conversion/MyCustomCallableTest.cls +146 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterface2Conversion/MyCustomRemoteClass.cls +16 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterface2Conversion/TRANSCRIPT.md +120 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterfaceConversion/IndustriesCallableException.cls +7 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterfaceConversion/MyCustomCallable.cls +73 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterfaceConversion/MyCustomCallableTest.cls +128 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterfaceConversion/MyCustomVlocityOpenInterface2.cls +23 -0
- package/skills/building-omnistudio-callable-apex/examples/Test_VlocityOpenInterfaceConversion/TRANSCRIPT.md +75 -0
- package/skills/building-omnistudio-datamapper/CREDITS.md +5 -0
- package/skills/building-omnistudio-datamapper/SKILL.md +270 -0
- package/skills/building-omnistudio-datamapper/assets/completion-summary-template.md +28 -0
- package/skills/building-omnistudio-datamapper/assets/omni-data-transform-extract.json +6 -0
- package/skills/building-omnistudio-datamapper/assets/omni-data-transform-item.json +12 -0
- package/skills/building-omnistudio-datamapper/assets/omni-data-transform-load.json +6 -0
- package/skills/building-omnistudio-datamapper/assets/omni-data-transform-transform.json +6 -0
- package/skills/building-omnistudio-datamapper/references/best-practices.md +277 -0
- package/skills/building-omnistudio-datamapper/references/naming-conventions.md +145 -0
- package/skills/building-omnistudio-flexcard/CREDITS.md +5 -0
- package/skills/building-omnistudio-flexcard/SKILL.md +325 -0
- package/skills/building-omnistudio-flexcard/assets/omni-ui-card.json +10 -0
- package/skills/building-omnistudio-flexcard/references/best-practices.md +291 -0
- package/skills/building-omnistudio-flexcard/references/data-binding-guide.md +311 -0
- package/skills/building-omnistudio-flexcard/references/scoring-rubric.md +66 -0
- package/skills/building-omnistudio-flexcard/scripts/flexcard-commands.sh +24 -0
- package/skills/building-omnistudio-integration-procedure/CREDITS.md +5 -0
- package/skills/building-omnistudio-integration-procedure/SKILL.md +275 -0
- package/skills/building-omnistudio-integration-procedure/assets/omni-process-element-dr-extract.json +10 -0
- package/skills/building-omnistudio-integration-procedure/assets/omni-process-element-set-values.json +10 -0
- package/skills/building-omnistudio-integration-procedure/assets/omni-process-ip.json +12 -0
- package/skills/building-omnistudio-integration-procedure/assets/scoring-report-format.txt +14 -0
- package/skills/building-omnistudio-integration-procedure/references/best-practices.md +388 -0
- package/skills/building-omnistudio-integration-procedure/references/element-types.md +588 -0
- package/skills/building-omnistudio-integration-procedure/scripts/cli-commands.sh +18 -0
- package/skills/building-omnistudio-omniscript/CREDITS.md +5 -0
- package/skills/building-omnistudio-omniscript/SKILL.md +367 -0
- package/skills/building-omnistudio-omniscript/assets/omni-process-element-step.json +10 -0
- package/skills/building-omnistudio-omniscript/assets/omni-process-element-text-block.json +11 -0
- package/skills/building-omnistudio-omniscript/assets/omni-process-omniscript.json +12 -0
- package/skills/building-omnistudio-omniscript/references/best-practices.md +480 -0
- package/skills/building-omnistudio-omniscript/references/element-types.md +1172 -0
- package/skills/building-omnistudio-omniscript/scripts/check-duplicate-omniscript.sh +13 -0
- package/skills/building-omnistudio-omniscript/scripts/cli-reference.sh +21 -0
- package/skills/building-omnistudio-omniscript/scripts/deploy-omniscript.sh +29 -0
- package/skills/building-sf-integrations/CREDITS.md +5 -0
- package/skills/building-sf-integrations/README.md +95 -0
- package/skills/building-sf-integrations/SKILL.md +192 -0
- package/skills/building-sf-integrations/assets/callouts/callout-retry-handler.cls +167 -0
- package/skills/building-sf-integrations/assets/callouts/http-response-handler.cls +257 -0
- package/skills/building-sf-integrations/assets/callouts/rest-queueable-callout.cls +262 -0
- package/skills/building-sf-integrations/assets/callouts/rest-sync-callout.cls +211 -0
- package/skills/building-sf-integrations/assets/cdc/cdc-handler.cls +246 -0
- package/skills/building-sf-integrations/assets/cdc/cdc-subscriber-trigger.trigger +139 -0
- package/skills/building-sf-integrations/assets/endpoint-security/example.cspTrustedSite-meta.xml +58 -0
- package/skills/building-sf-integrations/assets/endpoint-security/example.remoteSite-meta.xml +39 -0
- package/skills/building-sf-integrations/assets/external-credentials/jwt-external-credential.externalCredential-meta.xml +90 -0
- package/skills/building-sf-integrations/assets/external-credentials/oauth-external-credential.externalCredential-meta.xml +87 -0
- package/skills/building-sf-integrations/assets/external-services/external-service-operations.md +221 -0
- package/skills/building-sf-integrations/assets/external-services/openapi-registration.externalServiceRegistration-meta.xml +193 -0
- package/skills/building-sf-integrations/assets/named-credentials/certificate-auth.namedCredential-meta.xml +62 -0
- package/skills/building-sf-integrations/assets/named-credentials/custom-auth.namedCredential-meta.xml +71 -0
- package/skills/building-sf-integrations/assets/named-credentials/oauth-client-credentials.namedCredential-meta.xml +51 -0
- package/skills/building-sf-integrations/assets/named-credentials/oauth-jwt-bearer.namedCredential-meta.xml +67 -0
- package/skills/building-sf-integrations/assets/platform-events/event-publisher.cls +191 -0
- package/skills/building-sf-integrations/assets/platform-events/event-subscriber-action.cls +295 -0
- package/skills/building-sf-integrations/assets/platform-events/event-subscriber-trigger.trigger +108 -0
- package/skills/building-sf-integrations/assets/platform-events/platform-event-definition.object-meta.xml +124 -0
- package/skills/building-sf-integrations/assets/soap/soap-callout-service.cls +186 -0
- package/skills/building-sf-integrations/assets/soap/wsdl2apex-guide.md +213 -0
- package/skills/building-sf-integrations/hooks/scripts/suggest_credential_setup.py +271 -0
- package/skills/building-sf-integrations/hooks/scripts/validate_integration.py +363 -0
- package/skills/building-sf-integrations/references/callout-patterns.md +719 -0
- package/skills/building-sf-integrations/references/cdc-guide.md +288 -0
- package/skills/building-sf-integrations/references/cli-reference.md +94 -0
- package/skills/building-sf-integrations/references/event-driven-architecture-guide.md +266 -0
- package/skills/building-sf-integrations/references/event-patterns.md +838 -0
- package/skills/building-sf-integrations/references/external-services-guide.md +303 -0
- package/skills/building-sf-integrations/references/messaging-api-v2.md +609 -0
- package/skills/building-sf-integrations/references/named-credentials-automation.md +201 -0
- package/skills/building-sf-integrations/references/named-credentials-guide.md +173 -0
- package/skills/building-sf-integrations/references/platform-events-guide.md +288 -0
- package/skills/building-sf-integrations/references/rest-callout-patterns.md +288 -0
- package/skills/building-sf-integrations/references/scoring-rubric.md +59 -0
- package/skills/building-sf-integrations/references/security-best-practices.md +248 -0
- package/skills/building-sf-integrations/scripts/README.md +100 -0
- package/skills/building-sf-integrations/scripts/configure-named-credential.sh +236 -0
- package/skills/building-sf-integrations/scripts/set-api-credential.sh +146 -0
- package/skills/building-sf-integrations/scripts/templates/setup-credentials-with-csp.sh +158 -0
- package/skills/configuring-connected-apps/CREDITS.md +3 -0
- package/skills/configuring-connected-apps/README.md +99 -0
- package/skills/configuring-connected-apps/SKILL.md +224 -0
- package/skills/configuring-connected-apps/assets/connected-app-basic.xml +29 -0
- package/skills/configuring-connected-apps/assets/connected-app-canvas.xml +62 -0
- package/skills/configuring-connected-apps/assets/connected-app-jwt.xml +49 -0
- package/skills/configuring-connected-apps/assets/connected-app-oauth.xml +65 -0
- package/skills/configuring-connected-apps/assets/eca-global-oauth.xml +36 -0
- package/skills/configuring-connected-apps/assets/eca-oauth-settings.xml +36 -0
- package/skills/configuring-connected-apps/assets/eca-policies.xml +36 -0
- package/skills/configuring-connected-apps/assets/external-client-app.xml +35 -0
- package/skills/configuring-connected-apps/references/example-usage.md +256 -0
- package/skills/configuring-connected-apps/references/migration-guide.md +328 -0
- package/skills/configuring-connected-apps/references/oauth-flows-reference.md +660 -0
- package/skills/configuring-connected-apps/references/security-checklist.md +209 -0
- package/skills/configuring-connected-apps/references/testing-validation-guide.md +275 -0
- package/skills/connecting-datacloud/CREDITS.md +5 -0
- package/skills/connecting-datacloud/README.md +59 -0
- package/skills/connecting-datacloud/SKILL.md +155 -0
- package/skills/connecting-datacloud/examples/connections/heroku-postgres.json +15 -0
- package/skills/connecting-datacloud/examples/connections/ingest-api-connection.json +5 -0
- package/skills/connecting-datacloud/examples/connections/ingest-api-schema.json +31 -0
- package/skills/connecting-datacloud/examples/connections/redshift.json +16 -0
- package/skills/connecting-datacloud/examples/connections/sharepoint-unstructured.json +20 -0
- package/skills/connecting-datacloud/examples/connections/snowflake-connection.json +42 -0
- package/skills/debugging-apex-logs/CREDITS.md +22 -0
- package/skills/debugging-apex-logs/README.md +74 -0
- package/skills/debugging-apex-logs/SKILL.md +172 -0
- package/skills/debugging-apex-logs/assets/benchmarking-template.cls +327 -0
- package/skills/debugging-apex-logs/assets/cpu-heap-optimization.cls +307 -0
- package/skills/debugging-apex-logs/assets/dml-in-loop-fix.cls +219 -0
- package/skills/debugging-apex-logs/assets/null-pointer-fix.cls +252 -0
- package/skills/debugging-apex-logs/assets/soql-in-loop-fix.cls +157 -0
- package/skills/debugging-apex-logs/references/analysis-playbook.md +53 -0
- package/skills/debugging-apex-logs/references/benchmarking-guide.md +287 -0
- package/skills/debugging-apex-logs/references/cli-commands.md +368 -0
- package/skills/debugging-apex-logs/references/common-issues.md +68 -0
- package/skills/debugging-apex-logs/references/debug-log-reference.md +328 -0
- package/skills/debugging-apex-logs/references/log-analysis-tools.md +248 -0
- package/skills/debugging-apex-logs/references/scoring-rubric.md +21 -0
- package/skills/deploying-metadata/CREDITS.md +25 -0
- package/skills/deploying-metadata/README.md +104 -0
- package/skills/deploying-metadata/SKILL.md +214 -0
- package/skills/deploying-metadata/assets/destructiveChanges.xml +143 -0
- package/skills/deploying-metadata/assets/package.xml +121 -0
- package/skills/deploying-metadata/references/agent-deployment-guide.md +628 -0
- package/skills/deploying-metadata/references/deploy.sh +73 -0
- package/skills/deploying-metadata/references/deployment-report-template.md +89 -0
- package/skills/deploying-metadata/references/deployment-workflows.md +395 -0
- package/skills/deploying-metadata/references/orchestration.md +183 -0
- package/skills/deploying-metadata/references/trigger-deployment-safety.md +376 -0
- package/skills/deploying-omnistudio-datapacks/CREDITS.md +5 -0
- package/skills/deploying-omnistudio-datapacks/README.md +88 -0
- package/skills/deploying-omnistudio-datapacks/SKILL.md +174 -0
- package/skills/deploying-omnistudio-datapacks/examples/business-internet-plus-bundle/TRANSCRIPT.md +124 -0
- package/skills/deploying-omnistudio-datapacks/examples/business-internet-plus-bundle/deploy-business-internet-plus-bundle.yaml +11 -0
- package/skills/deploying-omnistudio-datapacks/examples/business-internet-plus-bundle-deploy/TRANSCRIPT.md +142 -0
- package/skills/deploying-omnistudio-datapacks/examples/business-internet-plus-bundle-deploy/deploy-business-internet-plus-bundle.yaml +10 -0
- package/skills/deploying-omnistudio-datapacks/references/job-file-template.md +42 -0
- package/skills/deploying-omnistudio-datapacks/references/troubleshooting-matrix.md +24 -0
- package/skills/developing-agentforce/assets/metadata/http-callout-flow.flow-meta.xml +1 -1
- package/skills/developing-agentforce/references/actions-reference.md +8 -8
- package/skills/fetching-salesforce-docs/README.md +66 -0
- package/skills/fetching-salesforce-docs/SKILL.md +209 -0
- package/skills/fetching-salesforce-docs/requirements.txt +2 -0
- package/skills/fetching-salesforce-docs/scripts/extract_help_salesforce.py +497 -0
- package/skills/fetching-salesforce-docs/scripts/extract_salesforce_doc.py +357 -0
- package/skills/fetching-salesforce-docs/scripts/runtime_bootstrap.py +58 -0
- package/skills/generating-apex/CREDITS.md +1 -26
- package/skills/generating-apex-test/CREDITS.md +2 -27
- package/skills/generating-lwc-components/CREDITS.md +5 -0
- package/skills/generating-lwc-components/README.md +126 -0
- package/skills/generating-lwc-components/SKILL.md +191 -0
- package/skills/generating-lwc-components/assets/apex-controller/LwcController.cls +327 -0
- package/skills/generating-lwc-components/assets/basic-component/basicComponent.css +72 -0
- package/skills/generating-lwc-components/assets/basic-component/basicComponent.html +111 -0
- package/skills/generating-lwc-components/assets/basic-component/basicComponent.js +163 -0
- package/skills/generating-lwc-components/assets/basic-component/basicComponent.js-meta.xml +137 -0
- package/skills/generating-lwc-components/assets/datatable-component/datatableComponent.html +111 -0
- package/skills/generating-lwc-components/assets/datatable-component/datatableComponent.js +367 -0
- package/skills/generating-lwc-components/assets/flow-screen-component/flowScreenComponent.css +63 -0
- package/skills/generating-lwc-components/assets/flow-screen-component/flowScreenComponent.html +154 -0
- package/skills/generating-lwc-components/assets/flow-screen-component/flowScreenComponent.js +348 -0
- package/skills/generating-lwc-components/assets/flow-screen-component/flowScreenComponent.js-meta.xml +87 -0
- package/skills/generating-lwc-components/assets/form-component/formComponent.html +165 -0
- package/skills/generating-lwc-components/assets/form-component/formComponent.js +275 -0
- package/skills/generating-lwc-components/assets/graphql-component/graphqlComponent.html +100 -0
- package/skills/generating-lwc-components/assets/graphql-component/graphqlComponent.js +336 -0
- package/skills/generating-lwc-components/assets/jest-test/componentName.test.js.example +371 -0
- package/skills/generating-lwc-components/assets/message-channel/RecordSelected.messageChannel-meta.xml +71 -0
- package/skills/generating-lwc-components/assets/message-channel/lmsPublisher.js +103 -0
- package/skills/generating-lwc-components/assets/message-channel/lmsSubscriber.js +181 -0
- package/skills/generating-lwc-components/assets/modal-component/modalComponent.html +85 -0
- package/skills/generating-lwc-components/assets/modal-component/modalComponent.js +199 -0
- package/skills/generating-lwc-components/assets/record-picker/recordPicker.html +55 -0
- package/skills/generating-lwc-components/assets/record-picker/recordPicker.js +199 -0
- package/skills/generating-lwc-components/assets/state-store/store.js +282 -0
- package/skills/generating-lwc-components/assets/typescript-component/typescriptComponent.css +65 -0
- package/skills/generating-lwc-components/assets/typescript-component/typescriptComponent.html +95 -0
- package/skills/generating-lwc-components/assets/typescript-component/typescriptComponent.js-meta.xml +75 -0
- package/skills/generating-lwc-components/assets/typescript-component/typescriptComponent.test.ts.example +301 -0
- package/skills/generating-lwc-components/assets/typescript-component/typescriptComponent.ts +295 -0
- package/skills/generating-lwc-components/assets/workspace-api/workspaceComponent.html +71 -0
- package/skills/generating-lwc-components/assets/workspace-api/workspaceComponent.js +316 -0
- package/skills/generating-lwc-components/hooks/scripts/lwc-lsp-validate.py +295 -0
- package/skills/generating-lwc-components/hooks/scripts/post-tool-validate.py +347 -0
- package/skills/generating-lwc-components/hooks/scripts/slds_data/deprecated_patterns.json +74 -0
- package/skills/generating-lwc-components/hooks/scripts/slds_data/styling_hooks.json +111 -0
- package/skills/generating-lwc-components/hooks/scripts/slds_data/valid_slds_classes.json +127 -0
- package/skills/generating-lwc-components/hooks/scripts/slds_linter_wrapper.py +294 -0
- package/skills/generating-lwc-components/hooks/scripts/slds_rules/__init__.py +22 -0
- package/skills/generating-lwc-components/hooks/scripts/template_validator.py +332 -0
- package/skills/generating-lwc-components/hooks/scripts/validate_slds.py +595 -0
- package/skills/generating-lwc-components/references/accessibility-guide.md +843 -0
- package/skills/generating-lwc-components/references/advanced-features.md +108 -0
- package/skills/generating-lwc-components/references/async-notification-patterns.md +661 -0
- package/skills/generating-lwc-components/references/cli-commands.md +545 -0
- package/skills/generating-lwc-components/references/component-patterns.md +1476 -0
- package/skills/generating-lwc-components/references/flow-integration-guide.md +675 -0
- package/skills/generating-lwc-components/references/jest-testing.md +1011 -0
- package/skills/generating-lwc-components/references/lms-guide.md +860 -0
- package/skills/generating-lwc-components/references/lwc-best-practices.md +1310 -0
- package/skills/generating-lwc-components/references/performance-guide.md +861 -0
- package/skills/generating-lwc-components/references/scoring-and-testing.md +116 -0
- package/skills/generating-lwc-components/references/slds-blueprints.json +14389 -0
- package/skills/generating-lwc-components/references/slds-design-guide.md +166 -0
- package/skills/generating-lwc-components/references/state-management.md +642 -0
- package/skills/generating-lwc-components/references/template-anti-patterns.md +948 -0
- package/skills/generating-lwc-components/references/triangle-pattern.md +365 -0
- package/skills/generating-lwc-components/scripts/local-dev-preview.sh +34 -0
- package/skills/generating-mermaid-diagrams/CREDITS.md +46 -0
- package/skills/generating-mermaid-diagrams/README.md +114 -0
- package/skills/generating-mermaid-diagrams/SKILL.md +218 -0
- package/skills/generating-mermaid-diagrams/assets/agentforce/agent-flow.md +313 -0
- package/skills/generating-mermaid-diagrams/assets/architecture/system-landscape.md +351 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/b2b-commerce-erd.md +317 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/campaigns-erd.md +195 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/consent-erd.md +262 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/files-erd.md +266 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/forecasting-erd.md +261 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/fsl-erd.md +332 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/party-model-erd.md +237 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/quote-order-erd.md +277 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/revenue-cloud-erd.md +343 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/sales-cloud-erd.md +192 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/salesforce-erd.md +209 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/scheduler-erd.md +276 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/service-cloud-erd.md +217 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/territory-management-erd.md +241 -0
- package/skills/generating-mermaid-diagrams/assets/integration/api-sequence.md +387 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/authorization-code-pkce.md +197 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/authorization-code.md +152 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/client-credentials.md +233 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/device-authorization.md +295 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/jwt-bearer.md +256 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/refresh-token.md +281 -0
- package/skills/generating-mermaid-diagrams/assets/oauth/user-agent-social-sign-on.md +281 -0
- package/skills/generating-mermaid-diagrams/assets/role-hierarchy/user-hierarchy.md +322 -0
- package/skills/generating-mermaid-diagrams/references/color-palette.md +464 -0
- package/skills/generating-mermaid-diagrams/references/diagram-conventions.md +313 -0
- package/skills/generating-mermaid-diagrams/references/erd-conventions.md +320 -0
- package/skills/generating-mermaid-diagrams/references/mermaid-reference.md +434 -0
- package/skills/generating-mermaid-diagrams/references/mermaid-styling.md +81 -0
- package/skills/generating-mermaid-diagrams/references/preview-guide.md +49 -0
- package/skills/generating-mermaid-diagrams/references/usage-examples.md +340 -0
- package/skills/generating-mermaid-diagrams/scripts/README.md +160 -0
- package/skills/generating-mermaid-diagrams/scripts/mermaid_preview.py +654 -0
- package/skills/generating-mermaid-diagrams/scripts/query-org-metadata.py +293 -0
- package/skills/generating-visual-diagrams/CREDITS.md +80 -0
- package/skills/generating-visual-diagrams/README.md +83 -0
- package/skills/generating-visual-diagrams/SKILL.md +208 -0
- package/skills/generating-visual-diagrams/assets/architecture/integration-flow.md +55 -0
- package/skills/generating-visual-diagrams/assets/erd/core-objects.md +131 -0
- package/skills/generating-visual-diagrams/assets/erd/custom-objects.md +60 -0
- package/skills/generating-visual-diagrams/assets/lwc/dashboard-card.md +45 -0
- package/skills/generating-visual-diagrams/assets/lwc/data-table.md +57 -0
- package/skills/generating-visual-diagrams/assets/lwc/record-form.md +60 -0
- package/skills/generating-visual-diagrams/assets/review/apex-review.md +57 -0
- package/skills/generating-visual-diagrams/assets/review/lwc-review.md +48 -0
- package/skills/generating-visual-diagrams/references/architect-aesthetic-guide.md +257 -0
- package/skills/generating-visual-diagrams/references/examples-index.md +35 -0
- package/skills/generating-visual-diagrams/references/gemini-cli-setup.md +65 -0
- package/skills/generating-visual-diagrams/references/interview-questions.md +529 -0
- package/skills/generating-visual-diagrams/references/iteration-workflow.md +173 -0
- package/skills/generating-visual-diagrams/scripts/check-prerequisites.sh +101 -0
- package/skills/generating-visual-diagrams/scripts/generate_image.py +243 -0
- package/skills/handling-sf-data/CREDITS.md +5 -0
- package/skills/handling-sf-data/README.md +112 -0
- package/skills/handling-sf-data/SKILL.md +235 -0
- package/skills/handling-sf-data/assets/bulk/bulk-insert-10000.apex +293 -0
- package/skills/handling-sf-data/assets/bulk/bulk-insert-200.apex +208 -0
- package/skills/handling-sf-data/assets/bulk/bulk-insert-500.apex +219 -0
- package/skills/handling-sf-data/assets/bulk/bulk-upsert-external-id.apex +324 -0
- package/skills/handling-sf-data/assets/cleanup/delete-by-created-date.apex +319 -0
- package/skills/handling-sf-data/assets/cleanup/delete-by-name.apex +240 -0
- package/skills/handling-sf-data/assets/cleanup/delete-test-data.apex +311 -0
- package/skills/handling-sf-data/assets/cleanup/rollback-transaction.apex +266 -0
- package/skills/handling-sf-data/assets/csv/account-import.csv +11 -0
- package/skills/handling-sf-data/assets/csv/contact-import.csv +11 -0
- package/skills/handling-sf-data/assets/csv/custom-object-import.csv +11 -0
- package/skills/handling-sf-data/assets/csv/opportunity-import.csv +11 -0
- package/skills/handling-sf-data/assets/factories/account-factory.apex +165 -0
- package/skills/handling-sf-data/assets/factories/case-factory.apex +237 -0
- package/skills/handling-sf-data/assets/factories/contact-factory.apex +168 -0
- package/skills/handling-sf-data/assets/factories/custom-object-factory.apex +260 -0
- package/skills/handling-sf-data/assets/factories/event-factory.apex +275 -0
- package/skills/handling-sf-data/assets/factories/hierarchy-factory.apex +372 -0
- package/skills/handling-sf-data/assets/factories/lead-factory.apex +190 -0
- package/skills/handling-sf-data/assets/factories/opportunity-factory.apex +206 -0
- package/skills/handling-sf-data/assets/factories/task-factory.apex +246 -0
- package/skills/handling-sf-data/assets/factories/user-factory.apex +278 -0
- package/skills/handling-sf-data/assets/json/account-contact-tree.json +130 -0
- package/skills/handling-sf-data/assets/json/account-opportunity-tree.json +110 -0
- package/skills/handling-sf-data/assets/json/full-hierarchy-tree.json +188 -0
- package/skills/handling-sf-data/assets/soql/aggregate.soql +226 -0
- package/skills/handling-sf-data/assets/soql/child-to-parent.soql +162 -0
- package/skills/handling-sf-data/assets/soql/parent-to-child.soql +153 -0
- package/skills/handling-sf-data/assets/soql/polymorphic.soql +198 -0
- package/skills/handling-sf-data/assets/soql/subquery.soql +287 -0
- package/skills/handling-sf-data/references/anonymous-apex-guide.md +98 -0
- package/skills/handling-sf-data/references/bulk-operations-guide.md +94 -0
- package/skills/handling-sf-data/references/bulk-testing-example.md +194 -0
- package/skills/handling-sf-data/references/cleanup-rollback-example.md +322 -0
- package/skills/handling-sf-data/references/cleanup-rollback-guide.md +84 -0
- package/skills/handling-sf-data/references/crud-workflow-example.md +183 -0
- package/skills/handling-sf-data/references/governor-limits-reference.md +74 -0
- package/skills/handling-sf-data/references/orchestration.md +174 -0
- package/skills/handling-sf-data/references/relationship-query-examples.md +249 -0
- package/skills/handling-sf-data/references/sf-cli-data-commands.md +158 -0
- package/skills/handling-sf-data/references/soql-relationship-guide.md +84 -0
- package/skills/handling-sf-data/references/test-data-best-practices.md +104 -0
- package/skills/handling-sf-data/references/test-data-factory-usage.md +290 -0
- package/skills/handling-sf-data/references/test-data-patterns.md +98 -0
- package/skills/handling-sf-data/scripts/soql_validator.py +292 -0
- package/skills/handling-sf-data/scripts/validate_data_operation.py +379 -0
- package/skills/harmonizing-datacloud/CREDITS.md +3 -0
- package/skills/harmonizing-datacloud/README.md +31 -0
- package/skills/harmonizing-datacloud/SKILL.md +117 -0
- package/skills/modeling-omnistudio-epc-catalog/CREDITS.md +14 -0
- package/skills/modeling-omnistudio-epc-catalog/README.md +89 -0
- package/skills/modeling-omnistudio-epc-catalog/SKILL.md +395 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/attribute-assignment-template.json +402 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/compiled-attribute-overrides-template.json +43 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/completion-block-template.txt +8 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/decomposition-relationships-template.json +233 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_AttributeAssignments.json +514 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_CompiledAttributeOverrides.json +21 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_DataPack.json +649 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_DecompositionRelationships.json +200 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_ObjectFieldAttributes.json +138 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_OrchestrationScenarios.json +54 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_OverrideDefinitions.json +266 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_ParentKeys.json +23 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_PriceListEntries.json +54 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_PricebookEntries.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_ProductChildItems.json +34 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-premium-fttc-simple-offer/Business-Internet-Premium-FTTC_RuleAssignments.json +21 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_AttributeAssignments.json +410 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_DataPack.json +535 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_DecompositionRelationships.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_ObjectFieldAttributes.json +138 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_OrchestrationScenarios.json +28 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_ParentKeys.json +23 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_PriceListEntries.json +220 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_PricebookEntries.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/business-internet-pro-vpl-simple-offer/Business-Internet-Pro-VPL_ProductChildItems.json +414 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_AttributeAssignments.json +382 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_DataPack.json +565 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_DecompositionRelationships.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_ObjectFieldAttributes.json +104 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_OrchestrationScenarios.json +28 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_ParentKeys.json +13 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_PriceListEntries.json +106 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_PricebookEntries.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/samsung-galaxy-s22-bundle/Samsung-Galaxy-S22-Bundle_ProductChildItems.json +72 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_AttributeAssignments.json +142 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_DataPack.json +377 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_DecompositionRelationships.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_ObjectFieldAttributes.json +36 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_ParentKeys.json +8 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_PriceListEntries.json +54 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_PricebookEntries.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/examples/static-ip-simple-offer/Static-IP_ProductChildItems.json +34 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/object-field-attributes-template.json +138 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/orchestration-scenarios-template.json +54 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/override-definitions-template.json +134 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/parent-keys-template.json +29 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/price-list-entries-template.json +158 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/pricebook-entries-template.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/product-child-item-template.json +338 -0
- package/skills/modeling-omnistudio-epc-catalog/assets/product2-offer-template.json +527 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/.gitkeep +1 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_AttributeAssignments.json +95 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_CompiledAttributeOverrides.json +1 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_DataPack.json +214 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_DecompositionRelationships.json +28 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_ObjectFieldAttributes.json +98 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_OrchestrationScenarios.json +22 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_OverrideDefinitions.json +1 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_ParentKeys.json +13 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_PriceListEntries.json +35 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_PricebookEntries.json +28 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/Business-Internet-Plus_ProductChildItems.json +110 -0
- package/skills/modeling-omnistudio-epc-catalog/examples/business-internet-plus-bundle/TRANSCRIPT.md +58 -0
- package/skills/modeling-omnistudio-epc-catalog/references/epc-field-guide.md +90 -0
- package/skills/modeling-omnistudio-epc-catalog/references/naming-conventions.md +80 -0
- package/skills/modeling-omnistudio-epc-catalog/references/scoring-model.md +57 -0
- package/skills/modeling-omnistudio-epc-catalog/scripts/cli-validation-commands.sh +19 -0
- package/skills/modeling-omnistudio-epc-catalog/scripts/sample-invocations.sh +18 -0
- package/skills/orchestrating-datacloud/CREDITS.md +15 -0
- package/skills/orchestrating-datacloud/README.md +129 -0
- package/skills/orchestrating-datacloud/SKILL.md +236 -0
- package/skills/orchestrating-datacloud/UPSTREAM.md +45 -0
- package/skills/orchestrating-datacloud/assets/definitions/activation-target.template.json +5 -0
- package/skills/orchestrating-datacloud/assets/definitions/activation.template.json +7 -0
- package/skills/orchestrating-datacloud/assets/definitions/calculated-insight.template.json +7 -0
- package/skills/orchestrating-datacloud/assets/definitions/data-action-target.template.json +5 -0
- package/skills/orchestrating-datacloud/assets/definitions/data-action.template.json +5 -0
- package/skills/orchestrating-datacloud/assets/definitions/data-graph.template.json +21 -0
- package/skills/orchestrating-datacloud/assets/definitions/data-stream.template.json +55 -0
- package/skills/orchestrating-datacloud/assets/definitions/dmo.template.json +17 -0
- package/skills/orchestrating-datacloud/assets/definitions/identity-resolution.template.json +30 -0
- package/skills/orchestrating-datacloud/assets/definitions/mapping.template.json +14 -0
- package/skills/orchestrating-datacloud/assets/definitions/relationship.template.json +12 -0
- package/skills/orchestrating-datacloud/assets/definitions/search-index.template.json +9 -0
- package/skills/orchestrating-datacloud/assets/definitions/segment.template.json +16 -0
- package/skills/orchestrating-datacloud/references/feature-readiness.md +157 -0
- package/skills/orchestrating-datacloud/references/plugin-setup.md +140 -0
- package/skills/orchestrating-datacloud/scripts/bootstrap-plugin.sh +53 -0
- package/skills/orchestrating-datacloud/scripts/diagnose-org.mjs +511 -0
- package/skills/orchestrating-datacloud/scripts/generate-manifest.mjs +68 -0
- package/skills/orchestrating-datacloud/scripts/verify-plugin.sh +58 -0
- package/skills/preparing-datacloud/CREDITS.md +7 -0
- package/skills/preparing-datacloud/README.md +51 -0
- package/skills/preparing-datacloud/SKILL.md +191 -0
- package/skills/preparing-datacloud/examples/ingestion-api/.env.example +8 -0
- package/skills/preparing-datacloud/examples/ingestion-api/README.md +48 -0
- package/skills/preparing-datacloud/examples/ingestion-api/send-data.py +144 -0
- package/skills/querying-soql/CREDITS.md +21 -0
- package/skills/querying-soql/README.md +41 -0
- package/skills/querying-soql/SKILL.md +143 -0
- package/skills/querying-soql/assets/aggregate-queries.soql +242 -0
- package/skills/querying-soql/assets/basic-queries.soql +188 -0
- package/skills/querying-soql/assets/bulkified-query-pattern.cls +280 -0
- package/skills/querying-soql/assets/optimization-patterns.soql +259 -0
- package/skills/querying-soql/assets/relationship-queries.soql +203 -0
- package/skills/querying-soql/assets/selector-class.cls +219 -0
- package/skills/querying-soql/references/anti-patterns.md +348 -0
- package/skills/querying-soql/references/cli-commands.md +358 -0
- package/skills/querying-soql/references/field-coverage-rules.md +514 -0
- package/skills/querying-soql/references/query-optimization.md +142 -0
- package/skills/querying-soql/references/selector-patterns.md +479 -0
- package/skills/querying-soql/references/soql-reference.md +227 -0
- package/skills/querying-soql/references/soql-syntax-reference.md +208 -0
- package/skills/querying-soql/scripts/post-tool-validate.py +322 -0
- package/skills/retrieving-datacloud/CREDITS.md +7 -0
- package/skills/retrieving-datacloud/README.md +44 -0
- package/skills/retrieving-datacloud/SKILL.md +120 -0
- package/skills/retrieving-datacloud/examples/search-indexes/hybrid-structured.json +44 -0
- package/skills/retrieving-datacloud/examples/search-indexes/vector-knowledge.json +43 -0
- package/skills/running-apex-tests/CREDITS.md +22 -0
- package/skills/running-apex-tests/README.md +94 -0
- package/skills/running-apex-tests/SKILL.md +158 -0
- package/skills/running-apex-tests/assets/basic-test.cls +169 -0
- package/skills/running-apex-tests/assets/bulk-test.cls +255 -0
- package/skills/running-apex-tests/assets/dml-mock.cls +339 -0
- package/skills/running-apex-tests/assets/mock-callout-test.cls +353 -0
- package/skills/running-apex-tests/assets/stub-provider-example.cls +364 -0
- package/skills/running-apex-tests/assets/test-data-factory.cls +328 -0
- package/skills/running-apex-tests/hooks/scripts/parse-test-results.py +364 -0
- package/skills/running-apex-tests/references/cli-commands.md +289 -0
- package/skills/running-apex-tests/references/mocking-patterns.md +500 -0
- package/skills/running-apex-tests/references/performance-optimization.md +283 -0
- package/skills/running-apex-tests/references/test-fix-loop.md +49 -0
- package/skills/running-apex-tests/references/test-patterns.md +154 -0
- package/skills/running-apex-tests/references/testing-best-practices.md +509 -0
- package/skills/segmenting-datacloud/CREDITS.md +3 -0
- package/skills/segmenting-datacloud/README.md +36 -0
- package/skills/segmenting-datacloud/SKILL.md +115 -0
|
@@ -0,0 +1,256 @@
|
|
|
1
|
+
# JWT Bearer Flow Template
|
|
2
|
+
|
|
3
|
+
OAuth 2.0 JWT Bearer assertion flow for server-to-server authentication without user interaction.
|
|
4
|
+
|
|
5
|
+
## When to Use
|
|
6
|
+
- Server-to-server integrations
|
|
7
|
+
- CI/CD pipelines
|
|
8
|
+
- Scheduled jobs and automation
|
|
9
|
+
- Background processes
|
|
10
|
+
- Any headless authentication scenario
|
|
11
|
+
|
|
12
|
+
## Prerequisites
|
|
13
|
+
1. X.509 Certificate uploaded to Salesforce Connected App
|
|
14
|
+
2. Pre-authorized user via Permission Set
|
|
15
|
+
3. Private key securely stored on server
|
|
16
|
+
|
|
17
|
+
## Mermaid Template
|
|
18
|
+
|
|
19
|
+
```mermaid
|
|
20
|
+
%%{init: {'theme': 'base', 'themeVariables': {
|
|
21
|
+
'actorBkg': '#ddd6fe',
|
|
22
|
+
'actorTextColor': '#1f2937',
|
|
23
|
+
'actorBorder': '#6d28d9',
|
|
24
|
+
'signalColor': '#334155',
|
|
25
|
+
'signalTextColor': '#1f2937',
|
|
26
|
+
'noteBkgColor': '#f8fafc',
|
|
27
|
+
'noteTextColor': '#1f2937',
|
|
28
|
+
'noteBorderColor': '#334155'
|
|
29
|
+
}}}%%
|
|
30
|
+
sequenceDiagram
|
|
31
|
+
autonumber
|
|
32
|
+
|
|
33
|
+
box rgba(221,214,254,0.3) SERVER ENVIRONMENT
|
|
34
|
+
participant S as 🖥️ Server<br/>(CI/CD, Backend)
|
|
35
|
+
participant K as 🔐 Key Store
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
box rgba(167,243,208,0.3) SALESFORCE
|
|
39
|
+
participant SF as ☁️ Salesforce<br/>Authorization Server
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
Note over S,SF: JWT Bearer Flow (RFC 7523)
|
|
43
|
+
|
|
44
|
+
S->>K: 1. Retrieve Private Key
|
|
45
|
+
K->>S: 2. Return Private Key
|
|
46
|
+
|
|
47
|
+
S->>S: 3. Create JWT Header
|
|
48
|
+
Note over S: {<br/> "alg": "RS256",<br/> "typ": "JWT"<br/>}
|
|
49
|
+
|
|
50
|
+
S->>S: 4. Create JWT Payload
|
|
51
|
+
Note over S: {<br/> "iss": "CONSUMER_KEY",<br/> "sub": "user@company.com",<br/> "aud": "https://login.salesforce.com",<br/> "exp": CURRENT_TIME + 300<br/>}
|
|
52
|
+
|
|
53
|
+
S->>S: 5. Sign JWT with Private Key
|
|
54
|
+
Note over S: signature = RS256(header.payload, privateKey)<br/>jwt = header.payload.signature
|
|
55
|
+
|
|
56
|
+
S->>SF: 6. POST /services/oauth2/token
|
|
57
|
+
Note over S,SF: grant_type=urn:ietf:params:oauth:<br/> grant-type:jwt-bearer<br/>assertion=SIGNED_JWT
|
|
58
|
+
|
|
59
|
+
SF->>SF: 7. Decode JWT
|
|
60
|
+
|
|
61
|
+
SF->>SF: 8. Validate Signature
|
|
62
|
+
Note over SF: Verify using uploaded<br/>X.509 certificate
|
|
63
|
+
|
|
64
|
+
SF->>SF: 9. Validate Claims
|
|
65
|
+
Note over SF: • iss matches Consumer Key<br/>• sub is pre-authorized user<br/>• aud is correct endpoint<br/>• exp is not passed
|
|
66
|
+
|
|
67
|
+
SF->>SF: 10. Check User Authorization
|
|
68
|
+
Note over SF: User must be pre-authorized<br/>via Permission Set
|
|
69
|
+
|
|
70
|
+
SF->>S: 11. Return Access Token
|
|
71
|
+
Note over SF,S: {<br/> "access_token": "...",<br/> "instance_url": "https://...",<br/> "token_type": "Bearer",<br/> "issued_at": "...",<br/> "scope": "api"<br/>}
|
|
72
|
+
|
|
73
|
+
Note over S: ⚠️ No refresh_token returned
|
|
74
|
+
|
|
75
|
+
S->>S: 12. Store Access Token
|
|
76
|
+
|
|
77
|
+
S->>SF: 13. Make API Calls
|
|
78
|
+
Note over S,SF: Authorization: Bearer ACCESS_TOKEN
|
|
79
|
+
|
|
80
|
+
SF->>S: 14. API Response
|
|
81
|
+
```
|
|
82
|
+
|
|
83
|
+
## ASCII Fallback Template
|
|
84
|
+
|
|
85
|
+
```
|
|
86
|
+
┌───────────────────────┐ ┌────────────────────┐
|
|
87
|
+
│ Server/CI/CD │ │ Salesforce │
|
|
88
|
+
│ (Private Key) │ │ (Certificate) │
|
|
89
|
+
└───────────┬───────────┘ └─────────┬──────────┘
|
|
90
|
+
│ │
|
|
91
|
+
│ 1. Create JWT Claims │
|
|
92
|
+
│ iss: consumer_key │
|
|
93
|
+
│ sub: user@company.com │
|
|
94
|
+
│ aud: login.sf.com │
|
|
95
|
+
│ exp: now + 5 min │
|
|
96
|
+
│ │
|
|
97
|
+
│ 2. Sign JWT with │
|
|
98
|
+
│ Private Key (RS256) │
|
|
99
|
+
│ │
|
|
100
|
+
│ 3. POST /token │
|
|
101
|
+
│ (grant_type=jwt-bearer)
|
|
102
|
+
│ (assertion=signed_jwt)│
|
|
103
|
+
│──────────────────────────>│
|
|
104
|
+
│ │
|
|
105
|
+
│ 4. Verify JWT │
|
|
106
|
+
│ signature │
|
|
107
|
+
│ with cert │
|
|
108
|
+
│ │
|
|
109
|
+
│ 5. Validate │
|
|
110
|
+
│ claims │
|
|
111
|
+
│ │
|
|
112
|
+
│ 6. Check user │
|
|
113
|
+
│ pre-auth │
|
|
114
|
+
│ │
|
|
115
|
+
│ 7. Access Token │
|
|
116
|
+
│ (NO refresh token!) │
|
|
117
|
+
│<──────────────────────────│
|
|
118
|
+
│ │
|
|
119
|
+
│ 8. API Request │
|
|
120
|
+
│ (Bearer token) │
|
|
121
|
+
│──────────────────────────>│
|
|
122
|
+
│ │
|
|
123
|
+
│ 9. API Response │
|
|
124
|
+
│<──────────────────────────│
|
|
125
|
+
```
|
|
126
|
+
|
|
127
|
+
## JWT Structure
|
|
128
|
+
|
|
129
|
+
### Header
|
|
130
|
+
```json
|
|
131
|
+
{
|
|
132
|
+
"alg": "RS256",
|
|
133
|
+
"typ": "JWT"
|
|
134
|
+
}
|
|
135
|
+
```
|
|
136
|
+
|
|
137
|
+
### Payload (Claims)
|
|
138
|
+
```json
|
|
139
|
+
{
|
|
140
|
+
"iss": "3MVG9...", // Consumer Key from Connected App
|
|
141
|
+
"sub": "user@company.com", // Pre-authorized username
|
|
142
|
+
"aud": "https://login.salesforce.com", // Or test.salesforce.com for sandbox
|
|
143
|
+
"exp": 1702123456 // Expiration (current time + 5 min max)
|
|
144
|
+
}
|
|
145
|
+
```
|
|
146
|
+
|
|
147
|
+
### Signature
|
|
148
|
+
```
|
|
149
|
+
RS256(
|
|
150
|
+
base64URLEncode(header) + "." + base64URLEncode(payload),
|
|
151
|
+
privateKey
|
|
152
|
+
)
|
|
153
|
+
```
|
|
154
|
+
|
|
155
|
+
## Token Request
|
|
156
|
+
|
|
157
|
+
```bash
|
|
158
|
+
curl -X POST https://login.salesforce.com/services/oauth2/token \
|
|
159
|
+
-d "grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer" \
|
|
160
|
+
-d "assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIzTVZHOS4uLiIsInN1YiI6InVzZXJAY29tcGFueS5jb20iLCJhdWQiOiJodHRwczovL2xvZ2luLnNhbGVzZm9yY2UuY29tIiwiZXhwIjoxNzAyMTIzNDU2fQ.SIGNATURE"
|
|
161
|
+
```
|
|
162
|
+
|
|
163
|
+
## Code Examples
|
|
164
|
+
|
|
165
|
+
### Python
|
|
166
|
+
```python
|
|
167
|
+
import jwt
|
|
168
|
+
import time
|
|
169
|
+
import requests
|
|
170
|
+
|
|
171
|
+
private_key = open('server.key').read()
|
|
172
|
+
|
|
173
|
+
claim_set = {
|
|
174
|
+
'iss': 'YOUR_CONSUMER_KEY',
|
|
175
|
+
'sub': 'user@company.com',
|
|
176
|
+
'aud': 'https://login.salesforce.com',
|
|
177
|
+
'exp': int(time.time()) + 300 # 5 minutes
|
|
178
|
+
}
|
|
179
|
+
|
|
180
|
+
assertion = jwt.encode(claim_set, private_key, algorithm='RS256')
|
|
181
|
+
|
|
182
|
+
response = requests.post(
|
|
183
|
+
'https://login.salesforce.com/services/oauth2/token',
|
|
184
|
+
data={
|
|
185
|
+
'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
|
|
186
|
+
'assertion': assertion
|
|
187
|
+
}
|
|
188
|
+
)
|
|
189
|
+
|
|
190
|
+
access_token = response.json()['access_token']
|
|
191
|
+
instance_url = response.json()['instance_url']
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
### Node.js
|
|
195
|
+
```javascript
|
|
196
|
+
const jwt = require('jsonwebtoken');
|
|
197
|
+
const axios = require('axios');
|
|
198
|
+
const fs = require('fs');
|
|
199
|
+
|
|
200
|
+
const privateKey = fs.readFileSync('server.key');
|
|
201
|
+
|
|
202
|
+
const token = jwt.sign(
|
|
203
|
+
{
|
|
204
|
+
iss: 'YOUR_CONSUMER_KEY',
|
|
205
|
+
sub: 'user@company.com',
|
|
206
|
+
aud: 'https://login.salesforce.com',
|
|
207
|
+
exp: Math.floor(Date.now() / 1000) + 300
|
|
208
|
+
},
|
|
209
|
+
privateKey,
|
|
210
|
+
{ algorithm: 'RS256' }
|
|
211
|
+
);
|
|
212
|
+
|
|
213
|
+
const response = await axios.post(
|
|
214
|
+
'https://login.salesforce.com/services/oauth2/token',
|
|
215
|
+
new URLSearchParams({
|
|
216
|
+
grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
|
|
217
|
+
assertion: token
|
|
218
|
+
})
|
|
219
|
+
);
|
|
220
|
+
|
|
221
|
+
const { access_token, instance_url } = response.data;
|
|
222
|
+
```
|
|
223
|
+
|
|
224
|
+
## Key Characteristics
|
|
225
|
+
|
|
226
|
+
| Aspect | Value |
|
|
227
|
+
|--------|-------|
|
|
228
|
+
| User Interaction | None required |
|
|
229
|
+
| Refresh Token | **Not returned** - re-authenticate with new JWT |
|
|
230
|
+
| Token Lifetime | Default ~2 hours (configurable) |
|
|
231
|
+
| Security Model | Certificate-based (asymmetric) |
|
|
232
|
+
| Audience | `login.salesforce.com` or `test.salesforce.com` |
|
|
233
|
+
|
|
234
|
+
## Security Considerations
|
|
235
|
+
|
|
236
|
+
1. **Protect private key** - Use secrets manager, HSM, or secure vault
|
|
237
|
+
2. **Rotate certificates** before expiration
|
|
238
|
+
3. **Short JWT expiration** - Maximum 5 minutes recommended
|
|
239
|
+
4. **Limit user permissions** - Use dedicated integration user
|
|
240
|
+
5. **Monitor token usage** - Set up login history alerts
|
|
241
|
+
|
|
242
|
+
## Troubleshooting
|
|
243
|
+
|
|
244
|
+
| Error | Cause | Solution |
|
|
245
|
+
|-------|-------|----------|
|
|
246
|
+
| `invalid_grant` | JWT expired or invalid | Check exp claim, verify signature |
|
|
247
|
+
| `invalid_client` | Consumer key mismatch | Verify iss matches Connected App |
|
|
248
|
+
| `user_not_authorized` | User not pre-approved | Assign Permission Set to user |
|
|
249
|
+
| `invalid_assertion` | Signature verification failed | Verify certificate upload |
|
|
250
|
+
|
|
251
|
+
## Customization Points
|
|
252
|
+
|
|
253
|
+
Replace these placeholders:
|
|
254
|
+
- `CONSUMER_KEY` → Your Connected App's Consumer Key
|
|
255
|
+
- `user@company.com` → Pre-authorized Salesforce username
|
|
256
|
+
- `login.salesforce.com` → Or `test.salesforce.com` for sandbox
|
|
@@ -0,0 +1,281 @@
|
|
|
1
|
+
# Refresh Token Flow Template
|
|
2
|
+
|
|
3
|
+
OAuth 2.0 Refresh Token Grant for obtaining new access tokens without user interaction.
|
|
4
|
+
|
|
5
|
+
## When to Use
|
|
6
|
+
- Access token has expired
|
|
7
|
+
- Extending session without re-authentication
|
|
8
|
+
- Background token renewal
|
|
9
|
+
- Any scenario requiring long-lived access
|
|
10
|
+
|
|
11
|
+
## Mermaid Template
|
|
12
|
+
|
|
13
|
+
```mermaid
|
|
14
|
+
%%{init: {'theme': 'base', 'themeVariables': {
|
|
15
|
+
'actorBkg': '#ddd6fe',
|
|
16
|
+
'actorTextColor': '#1f2937',
|
|
17
|
+
'actorBorder': '#6d28d9',
|
|
18
|
+
'signalColor': '#334155',
|
|
19
|
+
'signalTextColor': '#1f2937',
|
|
20
|
+
'noteBkgColor': '#f8fafc',
|
|
21
|
+
'noteTextColor': '#1f2937',
|
|
22
|
+
'noteBorderColor': '#334155'
|
|
23
|
+
}}}%%
|
|
24
|
+
sequenceDiagram
|
|
25
|
+
autonumber
|
|
26
|
+
|
|
27
|
+
box rgba(221,214,254,0.3) CLIENT APPLICATION
|
|
28
|
+
participant A as 🖥️ Application
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
box rgba(167,243,208,0.3) SALESFORCE
|
|
32
|
+
participant SF as ☁️ Salesforce<br/>Authorization Server
|
|
33
|
+
participant API as 📊 Salesforce<br/>REST API
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
Note over A,API: Refresh Token Flow (RFC 6749 Section 6)
|
|
37
|
+
|
|
38
|
+
A->>API: 1. API Request with Access Token
|
|
39
|
+
Note over A,API: Authorization: Bearer ACCESS_TOKEN
|
|
40
|
+
|
|
41
|
+
API->>A: 2. 401 Unauthorized
|
|
42
|
+
Note over API,A: {<br/> "errorCode": "INVALID_SESSION_ID",<br/> "message": "Session expired"<br/>}
|
|
43
|
+
|
|
44
|
+
A->>A: 3. Detect Token Expiration
|
|
45
|
+
|
|
46
|
+
A->>SF: 4. POST /services/oauth2/token
|
|
47
|
+
Note over A,SF: grant_type=refresh_token<br/>client_id=CONSUMER_KEY<br/>client_secret=CONSUMER_SECRET<br/>refresh_token=REFRESH_TOKEN
|
|
48
|
+
|
|
49
|
+
SF->>SF: 5. Validate Refresh Token
|
|
50
|
+
Note over SF: • Token not revoked<br/>• Client matches original<br/>• Scopes still valid
|
|
51
|
+
|
|
52
|
+
SF->>SF: 6. Generate New Access Token
|
|
53
|
+
Note over SF: May also rotate<br/>refresh token
|
|
54
|
+
|
|
55
|
+
SF->>A: 7. Return New Tokens
|
|
56
|
+
Note over SF,A: {<br/> "access_token": "NEW_TOKEN...",<br/> "refresh_token": "ROTATED...",<br/> "instance_url": "https://...",<br/> "token_type": "Bearer",<br/> "issued_at": "..."<br/>}
|
|
57
|
+
|
|
58
|
+
A->>A: 8. Update Stored Tokens
|
|
59
|
+
Note over A: Replace old tokens<br/>with new ones
|
|
60
|
+
|
|
61
|
+
A->>API: 9. Retry API Request
|
|
62
|
+
Note over A,API: Authorization: Bearer NEW_ACCESS_TOKEN
|
|
63
|
+
|
|
64
|
+
API->>A: 10. ✅ Successful Response
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
## ASCII Fallback Template
|
|
68
|
+
|
|
69
|
+
```
|
|
70
|
+
┌───────────────────────┐ ┌────────────────────┐
|
|
71
|
+
│ Application │ │ Salesforce │
|
|
72
|
+
│ (stored tokens) │ │ (Auth Server) │
|
|
73
|
+
└───────────┬───────────┘ └─────────┬──────────┘
|
|
74
|
+
│ │
|
|
75
|
+
│ 1. API Request │
|
|
76
|
+
│ (old access_token) │
|
|
77
|
+
│──────────────────────────>│
|
|
78
|
+
│ │
|
|
79
|
+
│ 2. 401 Unauthorized │
|
|
80
|
+
│ (session expired) │
|
|
81
|
+
│<──────────────────────────│
|
|
82
|
+
│ │
|
|
83
|
+
│ 3. POST /token │
|
|
84
|
+
│ grant_type= │
|
|
85
|
+
│ refresh_token │
|
|
86
|
+
│ refresh_token=XXX │
|
|
87
|
+
│──────────────────────────>│
|
|
88
|
+
│ │
|
|
89
|
+
│ 4. Validate │
|
|
90
|
+
│ refresh token│
|
|
91
|
+
│ │
|
|
92
|
+
│ 5. Generate new │
|
|
93
|
+
│ access token │
|
|
94
|
+
│ │
|
|
95
|
+
│ 6. New Tokens │
|
|
96
|
+
│ - access_token (new) │
|
|
97
|
+
│ - refresh_token │
|
|
98
|
+
│ (possibly rotated) │
|
|
99
|
+
│<──────────────────────────│
|
|
100
|
+
│ │
|
|
101
|
+
│ 7. Retry API Request │
|
|
102
|
+
│ (new access_token) │
|
|
103
|
+
│──────────────────────────>│
|
|
104
|
+
│ │
|
|
105
|
+
│ 8. Success ✅ │
|
|
106
|
+
│<──────────────────────────│
|
|
107
|
+
```
|
|
108
|
+
|
|
109
|
+
## Token Request
|
|
110
|
+
|
|
111
|
+
```bash
|
|
112
|
+
curl -X POST https://login.salesforce.com/services/oauth2/token \
|
|
113
|
+
-d "grant_type=refresh_token" \
|
|
114
|
+
-d "client_id=YOUR_CONSUMER_KEY" \
|
|
115
|
+
-d "client_secret=YOUR_CONSUMER_SECRET" \
|
|
116
|
+
-d "refresh_token=YOUR_REFRESH_TOKEN"
|
|
117
|
+
```
|
|
118
|
+
|
|
119
|
+
## Response Example
|
|
120
|
+
|
|
121
|
+
```json
|
|
122
|
+
{
|
|
123
|
+
"access_token": "00D5g000001ABC...!ARcAQNlBrLGj...",
|
|
124
|
+
"refresh_token": "5Aep8617...",
|
|
125
|
+
"instance_url": "https://mycompany.my.salesforce.com",
|
|
126
|
+
"token_type": "Bearer",
|
|
127
|
+
"issued_at": "1702123456789",
|
|
128
|
+
"signature": "..."
|
|
129
|
+
}
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
## Code Example with Auto-Refresh
|
|
133
|
+
|
|
134
|
+
```python
|
|
135
|
+
import requests
|
|
136
|
+
from functools import wraps
|
|
137
|
+
|
|
138
|
+
class SalesforceClient:
|
|
139
|
+
def __init__(self, client_id, client_secret, tokens):
|
|
140
|
+
self.client_id = client_id
|
|
141
|
+
self.client_secret = client_secret
|
|
142
|
+
self.access_token = tokens['access_token']
|
|
143
|
+
self.refresh_token = tokens['refresh_token']
|
|
144
|
+
self.instance_url = tokens['instance_url']
|
|
145
|
+
|
|
146
|
+
def refresh_access_token(self):
|
|
147
|
+
"""Refresh the access token using the refresh token."""
|
|
148
|
+
response = requests.post(
|
|
149
|
+
'https://login.salesforce.com/services/oauth2/token',
|
|
150
|
+
data={
|
|
151
|
+
'grant_type': 'refresh_token',
|
|
152
|
+
'client_id': self.client_id,
|
|
153
|
+
'client_secret': self.client_secret,
|
|
154
|
+
'refresh_token': self.refresh_token
|
|
155
|
+
}
|
|
156
|
+
)
|
|
157
|
+
|
|
158
|
+
if response.status_code == 200:
|
|
159
|
+
tokens = response.json()
|
|
160
|
+
self.access_token = tokens['access_token']
|
|
161
|
+
# Handle potential refresh token rotation
|
|
162
|
+
if 'refresh_token' in tokens:
|
|
163
|
+
self.refresh_token = tokens['refresh_token']
|
|
164
|
+
return True
|
|
165
|
+
return False
|
|
166
|
+
|
|
167
|
+
def api_request(self, endpoint, method='GET', **kwargs):
|
|
168
|
+
"""Make an API request with automatic token refresh."""
|
|
169
|
+
url = f"{self.instance_url}/services/data/v66.0/{endpoint}"
|
|
170
|
+
headers = {
|
|
171
|
+
'Authorization': f'Bearer {self.access_token}',
|
|
172
|
+
'Content-Type': 'application/json'
|
|
173
|
+
}
|
|
174
|
+
|
|
175
|
+
response = requests.request(method, url, headers=headers, **kwargs)
|
|
176
|
+
|
|
177
|
+
# If token expired, refresh and retry
|
|
178
|
+
if response.status_code == 401:
|
|
179
|
+
if self.refresh_access_token():
|
|
180
|
+
headers['Authorization'] = f'Bearer {self.access_token}'
|
|
181
|
+
response = requests.request(method, url, headers=headers, **kwargs)
|
|
182
|
+
|
|
183
|
+
return response
|
|
184
|
+
|
|
185
|
+
# Usage
|
|
186
|
+
client = SalesforceClient(
|
|
187
|
+
client_id='YOUR_CONSUMER_KEY',
|
|
188
|
+
client_secret='YOUR_CONSUMER_SECRET',
|
|
189
|
+
tokens={
|
|
190
|
+
'access_token': 'initial_access_token',
|
|
191
|
+
'refresh_token': 'initial_refresh_token',
|
|
192
|
+
'instance_url': 'https://mycompany.my.salesforce.com'
|
|
193
|
+
}
|
|
194
|
+
)
|
|
195
|
+
|
|
196
|
+
# Automatic refresh on 401
|
|
197
|
+
response = client.api_request('sobjects/Account')
|
|
198
|
+
```
|
|
199
|
+
|
|
200
|
+
## Refresh Token Policies
|
|
201
|
+
|
|
202
|
+
### Connected App Settings
|
|
203
|
+
|
|
204
|
+
| Policy | Description |
|
|
205
|
+
|--------|-------------|
|
|
206
|
+
| `Refresh token is valid until revoked` | Never expires (default) |
|
|
207
|
+
| `Immediately expire refresh token` | Single use |
|
|
208
|
+
| `Expire refresh token if not used for N` | Idle timeout |
|
|
209
|
+
| `Expire refresh token after N` | Absolute timeout |
|
|
210
|
+
|
|
211
|
+
### Token Rotation
|
|
212
|
+
|
|
213
|
+
When configured, Salesforce may return a **new refresh token** with each refresh. Always check for and store the new refresh token:
|
|
214
|
+
|
|
215
|
+
```python
|
|
216
|
+
if 'refresh_token' in response:
|
|
217
|
+
# New refresh token issued - old one is now invalid!
|
|
218
|
+
stored_refresh_token = response['refresh_token']
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
## Error Responses
|
|
222
|
+
|
|
223
|
+
| Error | Cause | Solution |
|
|
224
|
+
|-------|-------|----------|
|
|
225
|
+
| `invalid_grant` | Refresh token revoked or expired | Re-authenticate user |
|
|
226
|
+
| `invalid_client` | Client credentials invalid | Check client_id/secret |
|
|
227
|
+
| `invalid_request` | Missing required parameter | Check request format |
|
|
228
|
+
|
|
229
|
+
## Key Characteristics
|
|
230
|
+
|
|
231
|
+
| Aspect | Value |
|
|
232
|
+
|--------|-------|
|
|
233
|
+
| User Interaction | None required |
|
|
234
|
+
| Token Rotation | May occur (check response) |
|
|
235
|
+
| Best Practice | Refresh proactively before expiration |
|
|
236
|
+
| Storage | Securely store refresh token |
|
|
237
|
+
|
|
238
|
+
## Proactive Refresh Strategy
|
|
239
|
+
|
|
240
|
+
```python
|
|
241
|
+
import time
|
|
242
|
+
import jwt
|
|
243
|
+
|
|
244
|
+
def should_refresh_token(access_token, buffer_seconds=300):
|
|
245
|
+
"""Check if token should be refreshed (5 min buffer)."""
|
|
246
|
+
try:
|
|
247
|
+
# Decode without verification to read exp claim
|
|
248
|
+
decoded = jwt.decode(access_token, options={"verify_signature": False})
|
|
249
|
+
exp_time = decoded.get('exp', 0)
|
|
250
|
+
return time.time() > (exp_time - buffer_seconds)
|
|
251
|
+
except:
|
|
252
|
+
return True # Refresh if we can't decode
|
|
253
|
+
|
|
254
|
+
# Proactive refresh before API call
|
|
255
|
+
if should_refresh_token(access_token):
|
|
256
|
+
refresh_access_token()
|
|
257
|
+
```
|
|
258
|
+
|
|
259
|
+
## Security Considerations
|
|
260
|
+
|
|
261
|
+
1. **Store refresh tokens securely** - Encrypted storage, secure keychain
|
|
262
|
+
2. **Handle rotation** - Always update stored refresh token
|
|
263
|
+
3. **Implement revocation** - Revoke tokens on logout
|
|
264
|
+
4. **Monitor for abuse** - Track refresh token usage patterns
|
|
265
|
+
5. **Use HTTPS only** - Never send tokens over HTTP
|
|
266
|
+
|
|
267
|
+
## Revoking Tokens
|
|
268
|
+
|
|
269
|
+
When user logs out, revoke the refresh token:
|
|
270
|
+
|
|
271
|
+
```bash
|
|
272
|
+
curl -X POST https://login.salesforce.com/services/oauth2/revoke \
|
|
273
|
+
-d "token=YOUR_REFRESH_TOKEN"
|
|
274
|
+
```
|
|
275
|
+
|
|
276
|
+
## Customization Points
|
|
277
|
+
|
|
278
|
+
Replace these placeholders:
|
|
279
|
+
- `CONSUMER_KEY` → Your Connected App's Consumer Key
|
|
280
|
+
- `CONSUMER_SECRET` → Your Connected App's Consumer Secret
|
|
281
|
+
- `REFRESH_TOKEN` → The refresh token from initial authorization
|