We created an appexchange application that runs on Heroku. This application can run without the user loging-in each time. For this we use the Remote access app with consumer key and consumer secret. Now the issue is that an administrator need to setup this remote access application and het needs to paste the consumer key and secret in our application to properly work.

I would like to eliminate that step so our application can query through apex for the consumer key and secret, is this Possible?

I want in fact the same approach like Chatter desktop uses, but i can't find any documentation about this topic.

Thanks for your help!

Attribution to: Sven Delporte

Possible Suggestion/Solution #1

No - it's not possible to retrieve a remote access app's consumer key/secret via Apex.

The approach Chatter Desktop uses is the OAuth 2.0 'user agent' flow - the Chatter Desktop carries a consumer key, but no secret, since an attacker could just read it out of the app's binary.

Attribution to: metadaddy
This content is remixed from stackoverflow or stackexchange. Please visit https://salesforce.stackexchange.com/questions/1495