# Salesforce

### Authentication configuration

The Salesforce OAuth authentication offers several behaviors when users try to authenticate. This is the summary of the available options (taken from Salesforce [Oauth docs](https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm\&type=5)):

* `login`—The authorization server must prompt the user for reauthentication, forcing the user to log in again.
* `consent`—The authorization server must prompt the user for reapproval before returning information to the client.
* `select_account`—If present, take one of the following actions.
  * If zero or one hint is available and the user is logged in, show the approval page without prompting for login.
  * If zero or one hint is available and the user isn’t logged in, prompt for login.
  * If more than one hint is available, show the account chooser.

By default, we use the `login` option, but you can configure it through the Backoffice.

1. Login into the Backoffice, and go to the Services module. Then add a new service like this:

![](https://4088726956-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LATDgYqVMe0hChW7efU%2F-MgrnEMfqdLyqs7_sTwz%2F-MgsBUx-y__hz2qbRuyt%2Fsalesforce1.png?alt=media\&token=0af79dd8-ee88-46a7-b11b-43ce2fb82c40)

2\. Add a *promptType* key, and set it to one of the supported values by Salesforce:

![](https://4088726956-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LATDgYqVMe0hChW7efU%2F-MgrnEMfqdLyqs7_sTwz%2F-MgsBq0WEJ5HKmEdtKjr%2Fsalesforce2.png?alt=media\&token=a82967ef-00ea-4790-b37c-98bbaa961686)