Mulesoft Salesforce Connector - OAuth 2.0 JWT Bearer


MULESOFT SALESFORCE CONNECTOR - OAUTH 2.0 JWT BEARER

Vince Jason Soliza

What is OAuth 2.0 JWT Bearer?

The OAuth 2.0 JWT bearer token flow is similar to a refresh token flow within OAuth. An access_token is issued based on prior approval of the application, and the client doesn't need to have or store a consumer_secret, because the JWT is signed with the private key of a certificate that was uploaded to the connected app.
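The assertion exchange the slide describes, as an added example written for this page in Go (it is not code from the deck or from the MuleSoft connector, which performs these steps internally). It builds the JWT the connector sends (iss = consumer key, sub = the principal username, aud = the login endpoint, exp), signs it RS256 with the private key that lives in the exported keystore, forms the request body for /services/oauth2/token, and then runs the checks Salesforce performs on its side before issuing an access_token: algorithm pinned to RS256, signature against the uploaded certificate's public key, audience and expiry. The 3-minute expiry limit is an assumption taken from Salesforce's documentation; a freshly generated key stands in for the keystore's key, and <consumer_key> and user@example.com are placeholders.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
	"time"
)

type AssertionClaims struct { // claims Salesforce expects in the JWT bearer assertion
	Iss string `json:"iss"` // consumer key of the connected app
	Sub string `json:"sub"` // principal: the Salesforce username
	Aud string `json:"aud"` // login endpoint the token is requested from
	Exp int64  `json:"exp"` // expiry, seconds since the Unix epoch
}

// NewDemoKey returns a throwaway RSA key standing in for the private key in salesforce-keystore.jks.
func NewDemoKey() *rsa.PrivateKey {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err) // only fails if the system's random source is unavailable
	}
	return key
}

// decodeJSON base64url-decodes one JWT segment and unmarshals it into v.
func decodeJSON(segment string, v interface{}) error {
	raw, err := base64.RawURLEncoding.DecodeString(segment)
	if err != nil {
		return err
	}
	return json.Unmarshal(raw, v)
}

// BuildAssertion RS256-signs the JWT with the keystore's private key; the matching
// certificate is the one uploaded to the connected app under "Use digital signatures".
func BuildAssertion(key *rsa.PrivateKey, consumerKey, username, audience string, now time.Time) (string, error) {
	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`))
	payload, err := json.Marshal(AssertionClaims{
		Iss: consumerKey, Sub: username, Aud: audience,
		Exp: now.Add(3 * time.Minute).Unix(), // 3 min: limit assumed from Salesforce's docs
	})
	if err != nil {
		return "", err
	}
	signingInput := header + "." + base64.RawURLEncoding.EncodeToString(payload)
	digest := sha256.Sum256([]byte(signingInput))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return signingInput + "." + base64.RawURLEncoding.EncodeToString(sig), nil
}

// TokenRequestBody is the form body POSTed to /services/oauth2/token: no consumer_secret, only the assertion.
func TokenRequestBody(assertion string) string {
	return url.Values{"grant_type": {"urn:ietf:params:oauth:grant-type:jwt-bearer"}, "assertion": {assertion}}.Encode()
}

// VerifyAssertion models the server-side checks made before an access_token is issued: alg, signature, aud, exp.
func VerifyAssertion(pub *rsa.PublicKey, token, expectedAud string, now time.Time) (*AssertionClaims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("malformed JWT")
	}
	var hdr struct{ Alg string `json:"alg"` }
	if err := decodeJSON(parts[0], &hdr); err != nil {
		return nil, err
	}
	if hdr.Alg != "RS256" { // never let the token choose the algorithm
		return nil, fmt.Errorf("unexpected alg %q", hdr.Alg)
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return nil, fmt.Errorf("signature verification failed")
	}
	var claims AssertionClaims
	if err := decodeJSON(parts[1], &claims); err != nil {
		return nil, err
	}
	if claims.Aud != expectedAud || !now.Before(time.Unix(claims.Exp, 0)) {
		return nil, fmt.Errorf("rejected claims: aud=%q exp=%d", claims.Aud, claims.Exp)
	}
	return &claims, nil
}

func main() {
	key, aud, now := NewDemoKey(), "https://login.salesforce.com", time.Now()
	token, _ := BuildAssertion(key, "<consumer_key>", "user@example.com", aud, now) // placeholder iss and sub
	claims, err := VerifyAssertion(&key.PublicKey, token, aud, now)
	fmt.Println("POST body:", TokenRequestBody(token), "\nverified claims:", claims, "err:", err)
}
```

Because the signature is what authenticates the application, the keystore file (salesforce-keystore.jks) and its password are the secret in this flow: the certificate uploaded to Salesforce is public, but whoever holds the private key can mint assertions for the principal. Keep the keystore out of source control and restrict who can read it in the Mule workspace.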

Required parameters of OAuth 2.0 JWT Bearer Configuration

Consumer Key

The consumer key for the Salesforce connected app.

• Log in to Salesforce using your account.
• Click Setup; from the left menu, select Build->Create->Apps, find the Connected Apps section and click New.

Consumer Key

• Follow these steps to create a new connected app. Enter the following information in the appropriate fields:
  – A name for the connected app.
  – The API name.
  – Contact email.
• Under API (Enable OAuth Settings), select Enable OAuth Settings.
• Enter the Callback URL.
• Add the Full access (full) and Perform requests on your behalf at any time (refresh_token, offline_access) OAuth scopes to Selected OAuth Scopes.
• Click Save, and then click Continue. Screenshot in the next slide.

Consumer Key (screenshot)

Consumer Key

• Configure the Authorization settings for the app:
• Click Manage, and then click Edit.
• Under the OAuth Policies section, expand the Permitted Users drop-down, and select All users may self-authorize.
• Click Save.
• Copy the consumer key: go to Build->Create->Apps, then click the app name.

Keystore File and Password

• Click Setup; from the left menu, select Administer->Security Controls->Certificate and Key Management.
• Input values for Label and Unique Name. Click Save.
• Download the certificate. I suggest renaming it to salesforce-cert.crt, but this is not required.
• Go back to the list of certificates, then click Export To Keystore.
• Enter the desired keystore password, then click Export. The keystore will be downloaded. I suggest renaming it to salesforce-keystore.jks, but this is not required.

Keystore File and Password

• Go back to Setup->Build->Create->Apps, find the connected app, then click Edit.
• Click Use digital signatures, then upload the certificate file (salesforce-cert.crt) you created. Click Save, then Continue.
• Copy both the keystore (salesforce-keystore.jks) and the public key (salesforce-cert.crt) files into your workspace.

Principal

• The Salesforce username account you are using.

Authorize the connected application

• Run this in your browser, or you could use curl, replacing <consumer_key> with the consumer key of your connected app:
  – https://login.salesforce.com/services/oauth2/authorize?client_id=<consumer_key>&redirect_uri=https://www.getpostman.com/oauth2/callback&response_type=code
• Click Allow to grant access; disregard the response as long as the request is successful. You will know it succeeded if a code is provided in the callback URL.

Create Simple Flow

HTTP:inbound -> Salesforce Connector -> Dataweave

Salesforce Configuration

Create a new OAuth 2.0 JWT bearer configuration.

• Double-click the Salesforce connector.
• In the properties, click '+'.
• Select Salesforce OAuth 2.0 JWT Bearer.
• Select the operation Get ServerTimestamp.

Salesforce Configuration

• Fill out the required parameters we gathered in the earlier steps.
• Validating the configuration should succeed.

Test the Application

• Run and test the application by invoking the HTTP endpoint using Postman or any client you're used to, like SoapUI or a plain browser.
• We should get a successful response with the server timestamp from Salesforce.

Summary

• Implementing OAuth 2.0-related authentication mechanisms involves a few more steps than Basic Authentication, but may be preferred if your service is exposed to external users, as it provides better security.

• The OAuth 2.0 JWT bearer token flow defines how a JWT can be used to request an OAuth access token from Salesforce when a client wishes to utilize a previous authorization. Authentication of the authorized application is provided by a digital signature applied to the JWT.

QUESTIONS?

Please leave a comment.
