What does a signed request in Salesforce primarily contain?

A signed request in Salesforce primarily contains authorization information. This is critical for ensuring that the request being made to Salesforce is coming from a legitimate source and has not been tampered with during transit. When a signed request is generated, it typically includes a digital signature that validates the authenticity and integrity of the data being sent. This helps maintain a secure communication channel between the client and Salesforce, ensuring that only trusted requests are processed.

Including authorization information helps Salesforce verify that the request is associated with the appropriate permissions and access rights for the user or application that is making the request, enhancing the overall security framework of the integration process. This is essential in scenarios where sensitive data and operations are involved, making the integrity of the communication paramount.