Setting Up Headless Authentication with Salesforce
Enable Authorization Code and Credentials Flow
![Allow Headless Code Credentials](/_next/static/media/Headless_Allow_Code_Credentials.cd8c5dc3.webp)
Create a Role to Manage Headless Identity Features
![Manage Headless Identity Features](/_next/static/media/Manage_Headless_Identity_Features.623530b1.webp)
![Assign Headless Admin Role to System Admin](/_next/static/media/Assign_Headless_Admin_Role_to_System_Admin.9f6e6ae5.webp)
Set Up Profile for End Users
![Set Up Profile for End Users](/_next/static/media/Setup_Profile_for_End_Users.b46ef7ed.webp)
![Create Account for End Users](/_next/static/media/Create_Account_for_End_Users.e679b1a5.webp)
Set Up and Configure Experience Cloud Site
![Setup Salesforce My Domain](/_next/static/media/Salesforce_My_Domain_Setup.3e31ae75.webp)
![Enable Digital Experience](/_next/static/media/Enable_Digital_Experience.39b5d2e2.webp)
![Create Experience Cloud Site](/_next/static/media/New_Experience_Cloud_Site.87724f73.webp)
![Setup Profile for Experience Cloud Site](/_next/static/media/Setup_Profile_Experience_Cloud_Site.5db35794.webp)
Set Up Connected App for Headless Identity
![Connected App for Headless Setup](/_next/static/media/Connected_App_Setup.24e2e315.webp)
![Connected App Auth Policies](/_next/static/media/Connected_App_Auth_Policies.0d2ba69d.webp)
![Connected App Manage Profiles](/_next/static/media/Connected_App_Manage_Profiles.c2442cda.webp)
![Connected App Manage Consumer Details](/_next/static/media/Connected_App_Manage_Consumer_Details.756aac30.webp)
Create a User to Verify Headless Identity Setup
![Experience Cloud Site Register User Configuration](/_next/static/media/Experience_Site_Register_User_Configuration.3310a646.webp)
Headless Login Postman Request
- POST Authorization Request - /services/oauth2/authorize
  - Authorization
    - Basic Auth [Username & Password]: Postman adds an Authorization header with the value Basic <username:password>, where the username:password pair is Base64-encoded.
  - Headers
    - Auth-Request-Type: Named-User
  - Body
    - response_type: code_credentials
    - client_id: [Connected App Consumer Key]
    - redirect_uri: [Connected App Callback URL]
- POST Token Request - /services/oauth2/token
  - Body
    - code: received in the response to the Authorization Request
    - grant_type: authorization_code
    - client_id: [Connected App Consumer Key]
    - redirect_uri: [Connected App Callback URL]
- POST User Info - /services/oauth2/userinfo
  - Headers
    - Authorization: Bearer [access_token], received in the response to the Token Request
    - Content-Type: application/json
If the login was successful, you get a response containing information about the user.
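
The three Postman requests above, written as a small Python client. This is an added example, not code from the original post. It assumes the authorize and token responses are JSON objects carrying `code` and `access_token`; the function names and the `send` parameter are illustrative, and the site URL, consumer key and callback URL are supplied by the caller.

```python
import base64
import json
import urllib.parse
import urllib.request


def _post(url, headers, fields=None):
    """Build a form-encoded POST; refuse plain HTTP so credentials and tokens stay encrypted."""
    if not url.startswith("https://"):
        raise ValueError("headless login endpoints must be called over HTTPS")
    data = urllib.parse.urlencode(fields or {}).encode()
    return urllib.request.Request(url, data=data, headers=headers, method="POST")


def authorize_request(site, username, password, client_id, redirect_uri):
    """Step 1: end-user credentials go in a Basic header, never in the body or URL."""
    basic = base64.b64encode(f"{username}:{password}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}", "Auth-Request-Type": "Named-User"}
    fields = {"response_type": "code_credentials", "client_id": client_id,
              "redirect_uri": redirect_uri}
    return _post(f"{site}/services/oauth2/authorize", headers, fields)


def token_request(site, code, client_id, redirect_uri):
    """Step 2: exchange the code from step 1 for an access token."""
    fields = {"code": code, "grant_type": "authorization_code",
              "client_id": client_id, "redirect_uri": redirect_uri}
    return _post(f"{site}/services/oauth2/token", {}, fields)


def userinfo_request(site, access_token):
    """Step 3: present the access token as a Bearer credential."""
    headers = {"Authorization": f"Bearer {access_token}", "Content-Type": "application/json"}
    return _post(f"{site}/services/oauth2/userinfo", headers)


def headless_login(site, username, password, client_id, redirect_uri,
                   send=urllib.request.urlopen):
    """Run the three requests in order; `send` is injectable so the flow can be tested offline."""
    def call(req):
        with send(req) as resp:
            return json.loads(resp.read())
    # Assumption: both responses are JSON objects with these field names.
    code = call(authorize_request(site, username, password, client_id, redirect_uri))["code"]
    token = call(token_request(site, code, client_id, redirect_uri))["access_token"]
    return call(userinfo_request(site, token))
```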