Token-based Authentication Credentials and Accounts
Note the following when using token-based authentication (TBA) in sandbox and production accounts:
-
The Token Key and Token Secret used for TBA are always unique to each account.
-
After a sandbox refresh, Token Key and Token Secret are deleted and must be regenerated. This doesn't affect the production account's Token Key and Token Secret.
-
Consumer Key and Consumer Secret can be shared between accounts if you create a record in one and install it in the other. In this case, regenerating Consumer Key or Consumer Secret in sandbox can break production integrations if shared.
Best practices:
-
Create separate integration records in each account to avoid production changes.
-
After testing, create a new production record with changes instead of updating the existing one.
-
For minor changes or credential regeneration, update the existing record instead of creating a new one. Make changes in sandbox and then install the updated record in production.
Related Topics
- Integration Management
- Integration Record Overview
- Adding an Integration Record
- Application Details for Client Code
- Blocking SOAP Web Services Requests
- SOAP Web Services Execution Log
- Distributing Integration Records
- Default Web Services Integrations Record
- Using Integration Records in Sandbox Accounts
- Token-based Authentication Credentials and Accounts
- Using Integration Records in Conjunction With SSO Calls
- Removing Integration Records
- Tracking Changes to Integration Records