Expose Salesforce REST API through the WSO2 API Cloud

Start through the below list of questions to find out if centralized API management helps you to secure your enterprise resources.

  • Who is managing the credentials when your enterprise applications need to access Salesforce APIs? Is it the developer or a member of your digital operations team?
  • How many applications consume the Salesforce API? Are you aware of the usages of them?
  • Are you worried about configuring security options in multiple applications for different SaaS APIs?
  • Are you worried about sharing API credentials with your development teams?
  • Are these applications consuming other REST APIs apart from Salesforce?
  • Are your developers struggling to setup different REST APIs and manage security tokens?
  • How do you detect that your API keys are compromised?
  • How do you identify anomalies when enterprise applications consume multiple REST APIs?
  • How fast can you revoke authorizations without affecting other applications?
  • How often do your developers commit the security tokens to source control systems?
  • Are you looking for a centralized API Management solution for securing REST APIs used in your enterprise?

If the answer is Yes for most of the above questions, this is important for you to secure your enterprise resources using a centralized API Management solution.

As the digital operation team, you are responsible for allowing your application developers to securely consume REST API used in the enterprise.

Let’s take an example of using the Salesforce API.

Salesforce as a managed API

As the digital operation team,

  • Expose Salesforce REST API as a managed API.
  • Register an OAuth application in Salesforce and get required sensitive data for completing the password grant type. WSO2 API Cloud allows you to make use of custom mediation logic using sequences.
  • Make use of scopes to avoid sharing sensitive data with all applications.
  • You need to monitor the system for abnormal behavior and take immediate actions to shut down vulnerable applications in your enterprise. WSO2 API Cloud detects and alerts you.
  • Test your managed API and let your application developers to consume them.

Try a live demo in the WSO2 API Cloud at https://api.cloud.wso2.com/store/?tenant=digiops

You can self-register as a consumer, subscribe to Salesforce API, generate OAuth tokens and use API Console to invoke and get results.

Note that above Salesforce account is used only for demonstration purpose.