Salesforce

You can configure Salesforce as a source or a target.

To configure the connection details for Salesforce in your Micro-Integration, see Salesforce Connection Parameters

You must also define at least one Micro-Integration Flow that specifies:

• the endpoints where data is consumed from and published to. For more information, see Micro-Integration Flow Parameters.

• how the header and payload fields should be mapped. For more information, see Mapping Headers and Payloads

For a listing of available message headers, see Salesforce Message Headers.

If you are deploying the Micro-Integration for Salesforce in a Customer-Controlled Region that routes outbound connections through a proxy, no additional configuration is required. The Micro-Integration receives the proxy settings automatically from the environment.

Salesforce Connection Parameters

The following table describes the connection parameters for Salesforce.

Field	Description
Pub/Sub API Endpoint	The endpoint used by the Salesforce Pub/Sub API. For example, the Salesforce Global Endpoint is api.pubsub.salesforce.com. For more information, see Pub/Sub API Endpoints in the Salesforce documentation.
Pub/Sub API Port	The port used by the Salesforce Pub/Sub API. Allowed values are 7443 and 443.
Login URL	The Salesforce login URL. For example: https://<personal_domain>.develop.my.salesforce.com/
Authentication Scheme	The authentication method to use when connecting to Salesforce. Choose one of: SOAP (Username/Password)—Use the legacy username and password authentication with SOAP. Additional parameters are required; for more information, see Salesforce Legacy Username and Password Parameters. Client Credentials—Use OAuth 2.0 client credentials. Additional parameters are required; for more information, see Salesforce OAuth 2.0 Client Credentials Parameters. JWT—Use the OAuth 2.0 JWT Bearer Flow. Additional parameters are required; for more information, see Salesforce OAuth 2.0 JWT Bearer Flow Parameters.

Salesforce Legacy Username and Password Parameters

Field	Description
Username	The Salesforce username to authenticate with.
Password	The password that corresponds to the Salesforce username.
Security Token	The security token generated by Salesforce. If you don't have a security token, click your avatar in Salesforce, then click Settings > Reset My Security Token. A new token is emailed to you.

Salesforce OAuth 2.0 Client Credentials Parameters

Field	Description
Client ID	The OAuth 2.0 Client ID to authenticate with. The Client ID might appear as "Consumer Key" in Salesforce. For more information, see Configure a Client Credentials Flow in the Salesforce documentation.
Client Secret	The OAuth 2.0 Client Secret. The Client Secret might appear as "Consumer Secret" in the OAuth Settings in Salesforce. For more information, see Configure a Client Credentials Flow in the Salesforce documentation.

Salesforce OAuth 2.0 JWT Bearer Flow Parameters

You must set up a connected app to use JWT. For more information, see Configure a JWT Bearer Flow in the Salesforce documentation.

In addition to following the Salesforce documentation instructions, you must ensure that Plugin Policies are set to Admin approved users are pre-authorized and the user profile/permission set is authorized for the connected app.

You can build and sign a JWT using the template on jwt.io. Change the default text to your client ID and username e-mail, then add your private key to sign the token.

To test your JWT before using it in the Micro-Integration, issue the following POST request:

POST <YOUR_LOGIN_URL>/services/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
							
grant_type= urn:ietf:params:oauth:grant-type:jwt-bearer&
assertion=eyJpc3MiOiAiM01WRz...[omitted for brevity]...ZT

Field	Description
Issuer	The OAuth client_id or the connected app for which you registered the certificate. Corresponds to the iss JWT claim.
Audience	The authorization server that is the intended audience. Corresponds to the aud JWT claim. Allowed values are: https://login.salesforce.com (Default value) https://test.salesforce.com https://site.force.com/customers (if this Micro-Integration is authenticating with a Salesforce Experience Cloud site)
Subject	The Salesforce user name to use for authentication. Corresponds to the sub JWT claim.
Private Key	The private key file used to sign the JWT. Both unencrypted and encrypted (PKCS #8 and OpenSSL/PEM) private keys are supported.
Private Key Password	The password for the private key if it is encrypted.

Micro-Integration Flow Parameters

You must configure the endpoint parameters for each Flow. Each Flow can have different settings, but they all share the connection details of the parent Micro-Integration. These parameters differ depending on whether Salesforce is configured as a source or a target.

Salesforce Source Parameters

The following table describes the parameters for configuring Salesforce as a source.

Field	Description
Last Value Queue	The name of the Last Value Queue (LVQ) on the Solace event broker to use for checkpointing. The Salesforce Micro-Integration stores the last successful Salesforce Replay ID in the LVQ. The LVQ must exist on the same event broker and VPN as the target destination.
LVQ Provision Mode	The provision mode for Last Value Queue (LVQ). Allowed values are: CREATE_IF_NOT_EXISTS—Create the LVQ if it does not exist. NONE—Do not create the LVQ.
Destination	The source of events from Salesforce. For example, Change Data Capture events (/data/ChangeEvents and /data/<OBJECT_NAME>ChangeEvents) or Custom Events (/event/<CUSTOM_EVENT_NAME>__e).

Salesforce Target Parameters

The following table describes the parameters for configuring Salesforce as a target.

Field	Description
Destination	The target destination. This must be a Custom Platform Event (for example, /event/<CUSTOM_EVENT_NAME>__e). Alternatively, you can set a Smart Topic Destination on the Mapping step, which will override this destination.