Skip to main content

Authorization

Follow this guide to create a new Salesforce credential that will allow Nexla to authenticate to and exchange data with your Salesforce account.
sf_api_auth.png

Salesforce

Prerequisites

Before creating a Salesforce credential, you'll need to create a Connected App in your Salesforce organization and obtain OAuth 2.0 credentials (Client ID and Client Secret). Salesforce uses OAuth 2.0 for secure API access, requiring a Connected App to be registered in your Salesforce organization.

To create a Salesforce Connected App and obtain OAuth credentials:

  1. Log in to your Salesforce organization. You'll need administrator privileges or the "Manage Connected Apps" permission.

  2. Navigate to Setup by clicking the gear icon in the top right corner, then select Setup.

  3. In the Quick Find box, search for App Manager and click on it.

  4. Click New Connected App to create a new Connected App for API access.

  5. Fill in the required Connected App information:

    • Connected App Name: Enter a descriptive name for your application (e.g., "Nexla Integration")
    • API Name: This will be auto-generated based on the Connected App Name
    • Contact Email: Enter your email address

  6. In the API (Enable OAuth Settings) section:

    • Check Enable OAuth Settings
    • Callback URL: Enter the callback URL provided by Nexla. This URL will be displayed during the credential creation process in Nexla.
    • Selected OAuth Scopes: Select the OAuth scopes required for your integration. Common scopes include:
      • Full access (full): Full access to all data accessible by the logged-in user
      • Perform requests on your behalf at any time (refresh_token, offline_access): Allows the app to refresh tokens
      • Access the identity URL service (id, profile, email, address, phone): Access to user identity information
    • Require Secret for Web Server Flow: Leave this checked for security

  7. Click Save to create the Connected App. Salesforce may take a few minutes to activate the Connected App.

  8. After the Connected App is created, you'll see the Consumer Key (Client ID) and Consumer Secret (Client Secret). Copy these values immediately, as the Consumer Secret may only be displayed once.

  9. Note whether you're connecting to a Production or Sandbox instance. This determines which authorization and token URLs to use.

Salesforce OAuth 2.0 credentials are sensitive information and should be kept secure. The Consumer Secret (Client Secret) is only displayed once when the Connected App is created. If you've lost your Consumer Secret, you'll need to reset it in the Connected App settings. The Consumer Key (Client ID) can always be viewed in the Connected App details.

For detailed information about Salesforce OAuth 2.0 authentication and Connected App setup, refer to the Salesforce Connected Apps Guide and Salesforce OAuth 2.0 Web Server Flow Documentation.

Create a Salesforce Credential

  • To create a new Salesforce credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

Credential Settings

  1. Select the Salesforce Instance Type from the dropdown menu. Choose either:

    • Production: For connecting to your production Salesforce organization
    • Sandbox: For connecting to a Salesforce sandbox instance

  2. The authorization and token URLs will be automatically configured based on your instance type selection:

    • Production: Uses https://login.salesforce.com for authorization and token endpoints
    • Sandbox: Uses https://test.salesforce.com for authorization and token endpoints

  3. Follow the OAuth 2.0 authorization flow:

    • Click the Authorize button to initiate the OAuth flow
    • You'll be redirected to Salesforce to log in and authorize the application
    • After authorization, you'll be redirected back to Nexla with the authorization code
    • Nexla will automatically exchange the authorization code for access and refresh tokens

    The OAuth 2.0 flow requires you to log in to your Salesforce account and authorize Nexla to access your Salesforce data. Make sure you have the necessary permissions in Salesforce to access the data you need. The authorization process will grant Nexla access based on the OAuth scopes configured in your Connected App.

Save the Credential

  1. Once the OAuth authorization is complete and all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.