Salesforce

You can configure Salesforce as a source or a target. The parameters are described in the following tables:

Salesforce Source Parameters
Salesforce Target Parameters

For message headers, see Salesforce Message Headers.

If you are deploying the Connector for Salesforce in a Customer-Controlled Region that routes outbound connections through a proxy, no additional configuration is required. The Micro-Integration receives the proxy settings automatically from the environment.

Salesforce Source Parameters

The following table describes the parameters for configuring Salesforce as a source.

Field	Description
Pub/Sub API Endpoint	The endpoint used by the Salesforce Pub/Sub API. For example, the Salesforce Global Endpoint is `api.pubsub.salesforce.com`. For more information, see Pub/Sub API Endpoints in the Salesforce documentation.
Pub/Sub API Port	The port used by the Salesforce Pub/Sub API. Allowed values are `7443` and `443`.
Login URL	The Salesforce login URL. For example: `https://<personal_domain>.develop.my.salesforce.com/`
Authentication Scheme	The authentication method to use when connecting to Salesforce. Choose one of: USERNAME_PASSWORD_SOAP—Use the legacy username and password authentication with SOAP. Additional parameters are required; for more information, see Salesforce Legacy Username and Password Parameters. CLIENT_CREDENTIALS—Use OAuth 2.0 client credentials. Additional parameters are required; for more information, see Salesforce OAuth 2.0 Client Credentials Parameters. JWT—Use the OAuth 2.0 JWT Bearer Flow. Additional parameters are required; for more information, see Salesforce OAuth 2.0 JWT Bearer Flow Parameters.
Last Value Queue	The name of the Last Value Queue (LVQ) on the PubSub+ event broker to use for checkpointing. The Salesforce Micro-Integration stores the last successful Salesforce Replay ID in the LVQ. The LVQ must exist on the same event broker and VPN as the target destination.
Destination	The source of events from Salesforce. For example, Change Data Capture events (`/data/ChangeEvents` and `/data/<OBJECT_NAME>ChangeEvents`) or Custom Events (`/event/<CUSTOM_EVENT_NAME>__e`).

Salesforce Target Parameters

The following table describes the parameters for configuring Salesforce as a target.

Field	Description
Pub/Sub API Endpoint	The endpoint used by the Salesforce Pub/Sub API. For example, the Salesforce Global Endpoint is `api.pubsub.salesforce.com`. For more information, see Pub/Sub API Endpoints in the Salesforce documentation.
Pub/Sub API Port	The port used by the Salesforce Pub/Sub API. Allowed values are `7443` and `443`.
Login URL	The Salesforce login URL. For example: `https://<personal_domain>.develop.my.salesforce.com/`).
Authentication Flow	The authentication method to use when connecting to Salesforce. Choose one of: USERNAME_PASSWORD_SOAP—Use the legacy username and password authentication with SOAP. Additional parameters are required; for more information, see Salesforce Legacy Username and Password Parameters. CLIENT_CREDENTIALS—Use OAuth 2.0 client credentials. Additional parameters are required; for more information, see Salesforce OAuth 2.0 Client Credentials Parameters. JWT—Use the OAuth 2.0 JWT Bearer Flow. Additional parameters are required; for more information, see Salesforce OAuth 2.0 JWT Bearer Flow Parameters.
Destination	The source of events from Salesforce. For example, Change Data Capture events (`/data/ChangeEvents` and `/data/<OBJECT_NAME>ChangeEvents`) or Custom Events (`/event/<CUSTOM_EVENT_NAME>__e`).

Salesforce Legacy Username and Password Parameters

Field	Description
Username	The Salesforce username to authenticate with.
Password	The password that corresponds to the Salesforce username.
Security Token	The security token generated by Salesforce. If you don't have a security token, click your avatar in Salesforce, then click Settings > Reset My Security Token. A new token is emailed to you.

Salesforce OAuth 2.0 Client Credentials Parameters

Field	Description
Client ID	The OAuth 2.0 Client ID to authenticate with. The Client ID might appear as "Consumer Key" in Salesforce. For more information, see Configure a Client Credentials Flow in the Salesforce documentation.
Client Secret	The OAuth 2.0 Client Secret. The Client Secret might appear as "Consumer Secret" in the OAuth Settings in Salesforce. For more information, see Configure a Client Credentials Flow in the Salesforce documentation.

Field

Description

Client ID

The OAuth 2.0 Client ID to authenticate with. The Client ID might appear as "Consumer Key" in Salesforce.

For more information, see Configure a Client Credentials Flow in the Salesforce documentation.

Client Secret

The OAuth 2.0 Client Secret. The Client Secret might appear as "Consumer Secret" in the OAuth Settings in Salesforce.

For more information, see Configure a Client Credentials Flow in the Salesforce documentation.

Salesforce OAuth 2.0 JWT Bearer Flow Parameters

You must set up a connected app to use JWT. For more information, see Configure a JWT Bearer Flow in the Salesforce documentation.

In addition to following the Salesforce documentation instructions, you must ensure that Plugin Policies are set to Admin approved users are pre-authorized and the user profile/permission set is authorized for the connected app.

You can build and sign a JWT using the template on jwt.io. Change the default text to your client ID and username e-mail, then add your private key to sign the token.

To test your JWT before using it in the Micro-Integration, issue the following POST request:

POST <YOUR_LOGIN_URL>/services/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
							
grant_type= urn:ietf:params:oauth:grant-type:jwt-bearer&
assertion=eyJpc3MiOiAiM01WRz...[omitted for brevity]...ZT

Field	Description
Issuer	The OAuth `client_id` or the connected app for which you registered the certificate. Corresponds to the `iss` JWT claim.
Audience	The authorization server that is the intended audience. Corresponds to the `aud` JWT claim. Allowed values are: `https://login.salesforce.com` (Default value) `https://test.salesforce.com` `https://site.force.com/customers` (if this Micro-Integration is authenticating with a Salesforce Experience Cloud site)
Subject	The Salesforce user name to use for authentication. Corresponds to the `sub` JWT claim.
Private Key	The private key file used to sign the JWT. Both unencrypted and encrypted (PKCS #8 and OpenSSL/PEM) private keys are supported.
Private Key Password	The password for the private key if it is encrypted.

Provide feedback