Go to Setup, then type in Named Credentials to the Quick Find box and select it.
First create some External Credentials by navigating to that tab and clicking New on the right hand side.
Fill in the following External Credential fields in the modal with these specifications:
|Label||Tooling API Authentication|
|Authentication Protocol||OAuth 2.0|
|Authentication Flow Type||Select Browser Flow|
|Authentication Provider||Select LEDQ Tooling API|
Scroll to Permission Set Mappings and click New to create a permission set mapping for this external credential with the following specifications:
|Permission Set||EDQ Admin|
|Sequence Number||Assign a sequence number. A sequence number specifies the order of principals to apply when a user participates in more than one principal. For example, a user could be part of multiple permission sets that are applicable for a credential provider. Priority is from lower to higher numbers. If unsure, just use 1.|
|Identity Type||Choose either Named Principal or Per-User Principal. You can set up each external credential to use an org-wide named principal or per-user authentication. A named principal applies the same credential or authentication configuration for the entire org, while per-user authentication provides access control at the individual user level. We recommend Named Principal.|
Click Save to save the permission set.
If you followed the steps earlier on the assigning permissions page and created a custom Permission Set called EDQ User External Credentials then you should create a second Permission Set Mapping for this with a Sequence Number of 2 and the same Identity Type of Named Principal. If you configured things differently based on your own org setup, then add the relevant Permission Set here instead.
If you've set the Identity Type as Named Principal for both Permission Sets as suggested, then under Actions for each mapping you just created choose Authenticate.
Invalid Client ID error
You will then log in and and agree to allow Experian LEDQ the access it requires. If authentication is successful you will be redirected back to the External Credentials page and the mapping will have an Authentication Status of Configured.
Repeat this for the second Permission Set Mapping and you should end up with the following:
Now create some Named Credentials by navigating back to the Named Credentials page and clicking New on the right hand side.
Fill in the following Named Credential fields in the modal with these specifications:
|Label||Tooling API Layouts|
|URL||Use just the protocol and domain portion of the Callback URL provided from the Auth. Provider detail screen. Copy only up until the first / after the domain, e.g. https://example-domain.my.salesforce.com|
|External Credential||Select Tooling API Authentication|
|Managed Package Access|