Securing Salesforce Integrations with Heroku AppLink
Summary
Heroku AppLink offers Salesforce teams a streamlined, secure way to build integrations between Salesforce and external Heroku apps without the complexity of managing OAuth tokens or Connected Apps manually. It supports multiple authentication modes tailored for different integration patterns, including user-based, user-plus, and authorized-user modes, enabling seamless and auditable access to Salesforce data. Practical scenarios covered include dynamic website content using Salesforce data, data ingestion APIs for suppliers, and asynchronous third-party API callouts initiated from Salesforce with callback handling. After reading, teams will understand how to configure Heroku AppLink, manage permissions, and build scalable, secure integrations with reusable code examples.
Takeaways
- Leverage Heroku AppLink to securely manage authentication for Salesforce-Heroku integrations.
- Use user, user-plus, and authorized-user modes to match different integration scenarios.
- Assign session-based permission sets for escalating user permissions during integration calls.
- Implement async callbacks from Heroku to Salesforce Apex for long-running operations.
- Avoid manual OAuth token management by using the AppLink SDK or direct API calls.
In my other blogs, I have focused on how Heroku’s elastic services can add additional powerful and scalable features to your Salesforce applications, seamlessly extending existing Flow and Apex investments in doing so. This blog, however, focuses on another use case that Salesforce developers can also find themselves involved in—and that is building integrations with Salesforce data . Heroku’s fully managed services also make a great choice to keep focused on the task of building your integration apps and services, such as ingesting data transformations, filtering, aggregations, as well as supporting you in building user experiences you might need to deploy for other systems or users outside of Salesforce.