Named Credential
A Salesforce setting that securely stores the URL and authentication for an external API callout, so admins and code never handle raw keys.
A Named Credential is a Salesforce configuration that bundles the URL of an external endpoint together with its authentication details into a single, reusable definition. Instead of hardcoding API keys, tokens, or passwords inside Apex or flows, you reference the Named Credential by name and let Salesforce handle the authentication for every callout.
How it works
A modern Named Credential pairs with an External Credential, which holds the actual secrets (OAuth tokens, API keys, certificates) and the authentication protocol. The Named Credential points to the endpoint URL and links to that External Credential. When Apex or a Flow makes a callout, Salesforce injects the right credentials at runtime, manages token refresh, and enforces permission-set access — so secrets never appear in code, logs, or page layouts.
How it applies in Salesforce and to GPTfy BYOM
GPTfy is a Salesforce-native AI layer with a Bring Your Own Model (BYOM) approach: you connect your own LLM — Claude, GPT, Gemini, or an enterprise-hosted model — and run it inside your org. Named Credentials are the secure bridge that makes this possible.
For example, to connect Anthropic's Claude, an admin creates a Named Credential pointing to the model provider's endpoint and an External Credential holding the API key. GPTfy then calls the model through that Named Credential. The key stays encrypted in Salesforce, access is governed by permission sets, and your record data can be PII-masked before it ever leaves the org. No developer ever pastes a raw key into Apex.
FAQ
What is a Named Credential in Salesforce? It is a setup definition that stores an external endpoint URL and its authentication so Apex callouts, Flows, and apps can connect securely without hardcoded secrets.
What is the difference between a Named Credential and an External Credential? The External Credential stores the secrets and authentication protocol; the Named Credential stores the endpoint URL and references the External Credential. Modern integrations use both together.
Why do Named Credentials matter for AI tools like GPTfy? They let GPTfy connect your chosen LLM with enterprise-grade security — encrypted keys, permission-set access, and no credentials exposed in code — which is essential for BYOM deployments.
Related terms
Browse all terms- BYOM (Bring Your Own Model)An architecture letting enterprises plug their preferred LLM (Claude, GPT-4, Gemini, Llama) into Salesforce instead of being locked to the vendor's default.
- PII MaskingDetecting and redacting personally identifiable information (names, emails, SSNs) from text before sending to an external LLM, then restoring in the response.
- LLM (Large Language Model)A neural network trained on massive text corpora to predict and generate text — the foundation behind ChatGPT, Claude, Gemini, and modern AI assistants.
See it in your Salesforce org
See Named Credential running in GPTfy
Book 30 minutes with a GPTfy engineer to see how Named Credential actually works inside a Salesforce org like yours.
Book a demo