Named Credential Explained
Named Credentials abstract away endpoint URLs and authentication logic from Apex code. Instead of storing passwords or tokens in custom settings or hard-coding them in Apex, developers reference a Named Credential by name, and Salesforce handles authentication automatically at runtime. This approach is more secure (credentials never appear in code or debug logs), more maintainable (changing an endpoint requires only a metadata update), and easier to migrate across environments.
The Named Credential framework supports multiple authentication protocols: Password Authentication (basic auth), OAuth 2.0 (client credentials, JWT bearer, authorization code), AWS Signature Version 4, and custom headers. Since the Summer '22 redesign, Named Credentials use a two-layer model: an External Credential defines the authentication protocol and principal, while the Named Credential specifies the endpoint URL and references the External Credential. Permission Set Mappings control which users can use which principals. Clientell AI leverages Named Credentials for all external integrations it configures in your org, ensuring credentials are never exposed in code.
Related Salesforce Terms
Connected App
A Connected App is a configuration framework that enables an external application to integrate with Salesforce using OAuth 2.0, SAML, or other standard protocols.
Apex
Apex is Salesforce's proprietary, strongly-typed programming language used to execute custom business logic on the Lightning Platform.
Shield Platform Encryption
Shield Platform Encryption encrypts sensitive data at rest in Salesforce using tenant-specific encryption keys, protecting it beyond standard database-level encryption.