External Credential
External credentials separate authentication configuration from the endpoint itself, replacing the older pattern of baking auth details into a single named credential.
Definition
An external credential defines how Salesforce authenticates to an outside system, the auth protocol, parameters, and per-principal credentials, separately from the named credential that defines the endpoint URL itself, splitting a pattern that used to live entirely in one named credential record. That separation lets one external credential's auth configuration back multiple named credentials pointing at different endpoints, but it also means a deployment can move the named credential's URL cleanly while leaving the external credential's actual secret values, which don't travel with metadata for security reasons, needing to be re-entered per org. Named principals and per-user principals on an external credential are also configured per environment, so a team migrating from legacy named credentials to the newer external credential model needs to rebuild that authentication setup by hand in every sandbox and in production, not just deploy it once. Our Salesforce authentication migration guide covers this migration path.
How it works in Serpent
Serpent surfaces credential and integration metadata as part of preflight checks so a migration to external credentials doesn't silently break an integration that was authenticating the old way, and task history keeps the change reviewable. See org management in Serpent for how integration-related metadata is tracked.

Start free. No credit card, no install, no commitment.
Set up in under 15 minutes. No DevOps hire needed.
