AI Docs

Creating a Salesforce Connector

5 min read

Creating a Salesforce Connector

Managing API client access to Salesforce

The Certero connector for Salesforce uses the Salesforce API to connect and retrieve data (read only) from Salesforce. The Salesforce API use industry standard OAuth 2.0 protocols for authentication and authorization.

For more information on what OAuth is and how this flow works between a Certero Endpoint Server and Salesforce, please see the following link:

Salesforce OAuth2 Overview

To setup a connection between Certero and Salesforce you will need to:

  • Create a user within Salesforce that has access to an email address.

  • Turn on API access.

  • Create the required Security Token - Salesforce security requires that a Security Token is sent to the above user’s email.

Follow the steps below using your preferred option, taking into account that the look and feel of your instance of Salesforce may vary depending on the version you have enabled (Lightening or Classic).

Option 1: Enabling the Salesforce API using a Profile.

1. Sign into your Salesforce instance using an administrator account, not a standard user account.

2. Click on Setup and navigate to Users > Profiles:

Depending on the version you have enabled (Lightning or Classic), these settings could be under the Manage User option.

3. In the list of Profiles available, select the profile that contains the user you are going to use to connect to the Salesforce API and click Edit.

4. In the view profile screen, scroll down to Administrative Permissions and ensure the ‘API Enabled’ box is checked.

5. Ensure that the boxes are checked for the following permissions:

Standard object permissions

Accounts – read and view all

Administrative permissions

Assign Permission Sets
Customize Application
Manage Custom Permissions
Manage Internal Users
Manage IP Addresses
Manage Login Access Policies
Manage Package Licenses
Manage Password Policies
Manage Profiles and Permission Sets
Manage Roles
Manage Sharing
Manage Users
Reset User Passwords and Unlock Users
View All Users
View Roles and Role Hierarchy
View Setup and Configuration

General user permissions

Manage Multi-Factor Authentication in API
Manage Multi-Factor Authentication in User Interface

6. Click Save.

Option 2: Enabling the Salesforce API Using a Permission Set

1. Sign into your Salesforce instance using an administrator account, not a standard user account.

2. Click on Setup and navigate to Users > Permission Sets:

Depending on the version you have enabled (Lightening or Classic), these settings could be under the Manage User option.

3. In the list of Permission Sets available, select the Permission Set that contains the user you are going to use to connect to the Salesforce API and click on its name.

4. Go to the System section and click on System Permissions:

5. Click Edit.

6. Ensure the API Enabled box is checked:

7. Ensure that the boxes are checked for the following permissions:

Standard object permissions

Accounts – read and view all

Administrative permissions

Assign Permission Sets
Customize Application
Manage Custom Permissions
Manage Internal Users
Manage IP Addresses
Manage Login Access Policies
Manage Package Licenses
Manage Password Policies
Manage Profiles and Permission Sets
Manage Roles
Manage Sharing
Manage Users
Reset User Passwords and Unlock Users
View All Users
View Roles and Role Hierarchy
View Setup and Configuration

General user permissions

Manage Multi-Factor Authentication in API
Manage Multi-Factor Authentication in User Interface

8. Click Save.

Certero for Cloud Salesforce Connector Credentials

Using the steps above, you have created a Salesforce user that will be used with the Certero Connector which needs to be created as a Connected App within the Salesforce Administration section, as follows:

1. If you have not done so already, Sign into your Salesforce instance using an administrator account, not a standard user account.

2. Click on Setup and navigate to User Interface > App Manager:

In some versions of Salesforce this setting is found Under Apps > App Manager.

3. In the top right-hand corner of the App Manager screen click on the ‘New Connected App’ button:

4. In the New Connected App screen, the following field values and settings are required:

  • Connected App Name – This value should represent a name for this App that you can easily identify such as CerteroAPIAccess.

  • API Name – this should be set to the same as the Connected App Name.

  • Contact Email – This should be an email address that can receive emails.

  • Enable OAuth Settings – this value should be checked

  • Callback URL – this should be set to https://login.salesforce.com/services/oauth2/success

  • Selected OAuth Scopes – these should all be added to the selected OAuth scopes for full API Access.

  • Require Secret for Webserver – this value should be checked.

5. Click Save.

6. In the App Manager screen, find the App you have just created and on the right-hand side of the list click on the options arrow and select View:

7. In this screen you will need to take a note of the Consumer Key and Consumer Secret. To view the Consumer Secret, you will need to click on the ‘Click to reveal’ link.

Endpoint Server Internet Access

The Certero Endpoint Server running the Salesforce connector role will require the following outbound networking the Internet:

  • Port 443 outbound to salesforce.com

  • Port 80 and/or 443 outbound to <yourinstance>.salesforce.com . The requirement for 80 and 443 will depend on how your Salesforce instance website is configured.

If IP addresses are required for whitelisting, refer to the Salesforce’s IP Ranges section (the first table) of this vendor guide: https://help.salesforce.com/articleView?id=000321501&type=1&mode=1

Create a new Salesforce Connector

Enable the feature for the Endpoint Server

1. Within Certero , select Administration > Endpoint Servers , right click on the endpoint server the Salesforce connector will be ran against and choose properties.

2. Click on the Features option.

3. Enable the Salesforce Connector row.

4. Click on Save:

Create a connector for Salesforce

1. In Certero > Connectors > Salesforce Connectors, click the ‘ New ’ button.

2. Add a name and description.

3. Enter the domain of your Salesforce instance. For example, if your instance is at “https:// d1t000000czokeak-dev-ed.lightning.force.com”, enter “d1t000000czokeak-dev-ed”.

4. Copy the Consumer Key and paste into the Client ID .

5. Copy the Consumer Secret and paste into the Client Secret .

6. Click Authorize and if prompted login, then allow access to compete this process.

7. You will now see a screen similar to this:

8. Copy the Token from this screen and paste it into the Token field.

9. Set the Schedule.

10. Click Save.