Definition
Named Credentials is a Setup page where administrators define secure, reusable endpoints for callouts to external services. A Named Credential stores the URL, authentication method (OAuth, password, JWT, etc.), and credentials in one place, so developers can reference it in Apex or Flow without hardcoding sensitive connection details.
Real-World Example
The developer at CloudSync creates a Named Credential called "PaymentGateway" with the payment API's URL and OAuth 2.0 client credentials. In her Apex code, she references the Named Credential by name instead of hardcoding the URL and credentials. When the API's OAuth client secret is rotated, the admin updates only the Named Credential, no code changes needed.
Why Named Credentials Matters
Named Credentials is a Setup page in Salesforce that serves as the centralized management interface for all Named Credential configurations in the org. From this page, administrators define secure, reusable endpoints for callouts to external services, specifying the URL, authentication method (OAuth 2.0, password, JWT, AWS Signature, custom headers, and more), and credential storage in a single configuration. The page provides a unified view of all external service connections, making it easy to audit which services the org connects to, what authentication methods are used, and when credentials were last modified.
As integration architectures grow more complex, the Named Credentials Setup page becomes the governance hub for external connectivity. Organizations with 20+ external integrations need a single place to manage credential lifecycles — rotating passwords, refreshing OAuth tokens, decommissioning deprecated endpoints, and auditing access patterns. The newer Named Credentials framework introduced by Salesforce separates the credential storage (External Credentials) from the endpoint definition (Named Credentials), enabling scenarios where multiple Named Credentials share the same authentication but point to different API paths. Organizations that govern all external connectivity through Named Credentials can respond to security incidents rapidly — revoking or rotating a compromised credential takes seconds instead of requiring a code deployment.
How Organizations Use Named Credentials
- CloudSync Solutions — CloudSync Solutions manages 25 external integrations from the Named Credentials page. Their integration architect conducts quarterly access reviews by exporting the Named Credentials list, verifying each endpoint is still in use, and confirming authentication methods meet the company's security policy. During a recent review, they identified three deprecated Named Credentials pointing to decommissioned services and removed them, reducing the org's attack surface.
- PayRight Financial — PayRight Financial uses the Named Credentials Setup page to configure a Named Credential called 'PaymentGateway' with OAuth 2.0 client credentials. The developer references this Named Credential in Apex code to process payments. When the payment provider announces an API version upgrade, the admin updates the URL path on the Named Credential page — the change takes effect immediately for all callouts without any code deployment or sandbox testing required.
- ShieldNet Security — ShieldNet Security leverages the new Named Credentials framework to create an External Credential that stores AWS IAM role-based authentication, then associates it with three separate Named Credentials pointing to different AWS services (S3, Lambda, DynamoDB). This architecture means rotating the AWS access key updates authentication for all three services simultaneously, while each Named Credential maintains its own unique endpoint URL.