You are here: Integrating With CPQ Cloud > Integration Guides > OAuth 2.0 Secure Login Functionality

OAuth 2.0 Secure Login Functionality


OAuth 2.0, an industry standard technology, allows users to grant third-party access to their application without sharing their passwords. In this case, Salesforce generates a security token for each user, and these tokens are used to authenticate access by CPQ Cloud to Salesforce.

The CPQ Cloud OAuth implementation will continue to provide users with seamless access between Salesforce and their CPQ Cloud site. Furthermore, the process of upgrading to Salesforce’s OAuth functionality has been designed to be invisible to the typical sales user logging in to CPQ Cloud through Salesforce.

The CPQ Cloud OAuth implementation is only compatible with Salesforce integrations.



To begin using OAuth functionality on a Oracle CPQ Cloud site that is integrated with Salesforce, an admin must ensure the following requirements are fulfilled:

Once Salesforce Commerce Integration Managed Package version 5.0 or later has been installed, the current CRM authentication method will no longer function.

All OAuth setup requirements must be completed before integration between CPQ Cloud and Salesforce can continue.

Selecting Yes means a user’s existing Salesforce password, stored within CPQ Cloud, is permanently deleted once a token is generated for that user.

If a site is integrated with a CRM other than Salesforce, and Enable CRM OAuth is set to Yes, user access and any integration tasks between CPQ Cloud and the respective CRM will no longer function.

ClosedOAuth Token Generation

Generally, OAuth tokens only have to be generated once for each user. However, an OAuth token must be regenerated if it expires. There are two ways a token can expire:

Once a site is set up to use OAuth, each user’s token can either be generated automatically (by the system) or generated manually (by that user or by an admin). With either method, an individual user’s Salesforce password is permanently deleted from CPQ Cloud immediately after the successful generation of their token.

There are two scenarios under which a user accessing the CPQ Cloud site does not yet have an OAuth token both stored in CPQ Cloud and linked to their login:


Related Topics Link IconSee Also