Salesforce authentication

Salesforce authentication lets your users sign in with their Salesforce account. Once connected, you can offer “Continue with Salesforce” in your WeWeb app.

What this integration supports

• Social sign in with Salesforce
• Redirect to different pages for success, error, and first-time users

Setup in Salesforce

You create a Connected App in Salesforce and register WeWeb’s callback URL (the URL Salesforce sends users back to after they approve sign in).

1. Create a Connected App

1. Sign in to Salesforce.
2. Open Setup.
3. Go to App Manager.
4. Click New Connected App.
5. Fill in the basic app information (name and contact email).

2. Enable OAuth settings and set the callback URL

1. In the connected app, enable OAuth Settings (or Enable OAuth Settings).
2. Set the Callback URL to:
   • https://<your-domain>/api/auth/callback/salesforce
3. Select OAuth scopes that let Salesforce share basic identity details. A common starting point is:
   • openid
   • profile
   • email
   • offline_access / refresh_token (If you want long-lived sessions)
4. If Salesforce shows a PKCE option, enable Require Proof Key for Code Exchange (PKCE).
5. Save your changes.

If you use multiple environments, add a callback URL for each environment (preview, staging, production).

3. Copy your keys

After saving, copy the connected app credentials:

• Consumer Key (Use this as Consumer Key in WeWeb)
• Consumer Secret (Use this as Consumer Secret in WeWeb)

Connect Salesforce in WeWeb

1. In the WeWeb editor, go to Data & API → Auth → Integrating providers.
2. Find Salesforce and expand it.
3. Turn on the Enable toggle.
4. Fill in:
   • Consumer Key
   • Consumer Secret
5. Click Save.

WeWeb stores these values as environment variables (for example PROVIDER_SALESFORCE_CLIENT_ID and PROVIDER_SALESFORCE_CLIENT_SECRET).

Test sign in

1. In Interface, add a “Continue with Salesforce” button.
2. Create a workflow on click and add Sign in with social provider.
3. Set:
   • Provider: salesforce
   • Success page, Error page, And (optional) New user page
4. Preview your project and complete the Salesforce sign-in flow.

For what to do after sign in (roles, private pages, and access checks), see Users and roles overview →.

Common pitfalls

Callback URL mismatch

If Salesforce shows a redirect error, the callback URL in your connected app usually doesn’t match what your app is using.

• In Salesforce, confirm the callback URL exactly matches https:///api/auth/callback/salesforce for the environment you are testing.
• Make sure you are not mixing sandbox and production domains.

Connected app changes take time

Salesforce can take a few minutes to apply changes to a connected app.

• After changing the callback URL or scopes, wait a few minutes and try again.
• If you changed scopes, users might see the consent screen again.

Using the wrong Salesforce environment

Salesforce has separate production and sandbox environments.

• If you are testing with a sandbox org, make sure the connected app exists in that sandbox.
• Use different credentials for staging and production by configuring WeWeb environments.

Reference

WeWeb settings

Setting in WeWeb	Description	Where to find it in Salesforce
Consumer Key	Identifies your Salesforce connected app.	Connected app credentials (Consumer Key).
Consumer Secret	Secret used to securely complete sign in.	Connected app credentials (Consumer Secret).

FAQs

What provider value should I use in the workflow action?

Use salesforce as the Provider value in the Sign in with social provider action.

Can I use sandbox for testing?

Yes. Create the connected app in your sandbox org and use those keys in your staging environment.

Continue learning

Now that Salesforce sign in works, learn how to manage roles and restrict access.

Users and roles overview →