OAuth authentication using the SalesForce REST Custom Wrapper

Applies to: Denodo 6.0 , Denodo 5.5 , Denodo 5.0
Last modified on: 30 Jun 2020
Tags: Administration Security

Download document

You can translate the document:

Note

Starting from version 7.0, Denodo Platform provides a connector to Salesforce. To access SalesForce, it is recommended to use the new connector included in the Denodo Platform. See Creating a Salesforce Data Source section of Virtual DataPort Administration Guide for more information.

Content

In order to use the SalesForce REST Custom Wrapper with OAuth 2.0 Web server authentication flow, you need to provide the custom wrappers with the following parameters:

  • client id
  • refresh token
  • access token

You can configure in your SalesForce instance the duration of the access token, but it has to expire at some point. VDP automatically refreshes the access token (once expired) using the client id and refresh token of the application.

In order to get these tokens, you have to:

  • Client identifier (Referenced in Salesforce as Consumer Key)
  • Client secret (Referenced in Salesforce as Consumer Secret)

During the process you will need to provide a Callback URL, this should be the same that is specified as Redirect URL on Figure 1.

  • Obtain your user tokens using one of the following processes

With the VDP OAuth 2.0 Credentials Wizard you can input your SalesForce authentication details and follow the steps to obtain your tokens:

  1. Enter the authentication details:
  • Client identifier corresponds with the Salesforce’s Consumer Key
  • Client secret corresponds with the Saleforce’s Consumer Secret

Figure 1 OAuth 2.0 Credentials Wizard. Step 1

Note that the above screenshot configures access to a SalesForce SandBox instance. To configure access to a production instance, you should use login.salesforce.com instead of test.salesforce.com. Check the SalesForce documentation for more details.

In order for this wizard to work, the VDP Admin Tool must be executed in the same machine as the VDP Server. Salesforce requires a secure redirect URL as callback (HTTPS) except for localhost. If the wizard is being executed on a remote machine, to receive the Salesforce response, it is required to run a local VDP server to receive that response, configuring the wizard redirect URL with localhost as endpoint.

The Salesforce documentation specifies that the endpoints are the following:

    Authorization: https://login.salesforce.com/services/oauth2/authorize

    Token: https://login.salesforce.com/services/oauth2/token

    Revoke: https://login.salesforce.com/services/oauth2/revoke

  1. Click on “Generate the authentication URL”, and then on “Open URL”:

Figure 2 OAuth 2.0 Credentials Wizard. Step 2

This will open a browser like this one, where you should copy the generated URL:

Figure 3 OAuth 2.0 Credentials Wizard. Step 2. URL to paste

  1.  You need to paste the URL copied from the browser into the corresponding field:

Figure 4 OAuth 2.0 Credentials Wizard. Step 3

  1. Click on “Obtain the OAuth 2.0 credentials” and then click on “Copy the credentials to the clipboard

Figure 5 OAuth 2.0 Credentials Wizard. Step 4

This action will copy you to the clipboard the credentials that you will need to configure the Salesforce Custom Wrapper, i.e. client id, refresh token and access token (among others).

References

Virtual DataPort Administration Guide: OAuth Authentication

Questions

Ask a question
You must sign in to ask a question. If you do not have an account, you can register here

Featured content

DENODO TRAINING

Ready for more? Great! We offer a comprehensive set of training courses, taught by our technical instructors in small, private groups for getting a full, in-depth guided training in the usage of the Denodo Platform. Check out our training courses.

Training