Excellent presentation! wow wonderfully documented and presented. Lot of my confusion i guess is answered.

Honestly, this was so great I'm somewhat baffled the end table is not part of official Salesforce Documentation or at least supporting documentation. Really awesome job.

Precious and well prepared presentation! Priceless resource!

Hi Charly, Your explanation and Slides are excellent. Thank you.

Awesome explanation, just one correction is needed for user agent flow that, Authorization endpoint will be used to get access token, not the token endpoint.

Hi Charly, this is the best explanation and mapping of generic Oauth 2.0 grants with Salesforce flows. Massively helpful. The only other thing that I need to understand is how does Authorization sits with Authentication in Salesforce especially with SAML SSO ? Would be great if you can create a video on that as well. But this is the best explanation for Oauth in Salesforce.Kudos !!

Great Information. Just to add something I feel that JWT-bearer flow is an complete flow in itself. This is mainly useful for server to server authurization where there is no way to log-in interactively and trust is established based on the certificates. grant_type = urn:ietf:params:oauth:grant-type:jwt-bearer.

I have one question, there was a Grant type called out in episode 1 called "Client Credentials Grant" .. Is this missing here or I missed to understand something ? Excellent presentation !

I'm a little confused by something with this. In Episode 1 at the 8:20 mark Charly says that oAuth 2.0 is not an 'Authentication' protocol, but is an 'Authorization' protocol/framework. Then in Episode 2 at the 50:18 mark Charly makes several references to using oAuth 2.0 as an Authentication protocol. Specifically there is one slide (it says 'Episode 3' at the bottom) that says 'you must authenticate the application user using oAuth 2.0', and again 'one of several different OAuth 2.0 authentication flows'. I would appreciate any if you can clear this up. Excellent presentation by the way, this was very helpful.

How does a web server flow user name and password? They use client secret and key and all the servers mentioned here are the trusted servers. I am not sure how can we go for an unsafe User-Agent flow over a web - server auth flow?

This is priceless.

Very well explained. Thank you

Hi, very interesting presentation. Where can I find the slides??

Amazing presentation

Great presentation Charly, I had been struggling with the use cases too. I think I have encountered the SAML Assertion Flow use case where, as you had stated, you sign into your Windows client and SSO is configured in your Salesforce org. If you launch Microsoft Excel you can choose Get Data, From Online Services, you can choose Salesforce Object or Salesforce report and select your data without additional authorization.

Here is an excellent add-on to Charly's chart and flow selection process. It provides a little more detail around use-cases for each of the flows. Kudos to Jannis Bott for this article as well. www.linkedin.com/pulse/salesforce-oauth-which-flow-should-i-use-jannis-bott-/

Please can you let me know from where I can get this slide

Well explained.