MULESOFT SALESFORCE CONNECTOR - OAUTH 2.0 JWT BEARER
Vince Jason Soliza


What is OAuth 2.0 JWT Bearer?
The OAuth 2.0 JWT bearer token flow is similar to a refresh token flow within OAuth. The access_token is issued based on prior approval of the application. The client also doesn’t need to have or store the consumer_secret, because the JWT is signed with the private key of a certificate uploaded to the connected app.

Required parameters of OAuth 2.0 JWT Bearer Configuration

Consumer Key
The consumer key for the Salesforce connected app.
• Log in to Salesforce using your account.
• Click Setup. From the left menu, select Build->Create->Apps, find the Connected Apps section and click New.

Consumer Key
• Follow these steps to create a new connected app. Enter the following information in the appropriate fields:
– A name for the connected app.
– The API name.
– Contact email.
• Under API (Enable OAuth Settings), select Enable OAuth Settings.
• Enter the Callback URL.
• Add the Full access (full) and Perform requests on your behalf at any time (refresh_token, offline_access) OAuth scopes to Selected OAuth Scopes.
• Click Save, and then click Continue. Screenshot in the next slide.

Consumer Key (screenshot of the connected app settings; image not included)

Consumer Key
• Configure the Authorization settings for the app:
• Click Manage, and then click Edit.
• Under the OAuth Policies section, expand the Permitted Users drop-down, and select All users may self-authorize.
• Click Save.
• Copy the consumer key: go to Build->Create->Apps, then click the app name.

Keystore File and Password
• Click Setup. From the left menu, select Administer->Security Controls->Certificate and Key Management.
• Input values for Label and Unique Name. Click Save.
• Download the certificate. I suggest renaming it to salesforce-cert.crt, but this is not required.
• Go back to the list of certificates, then click Export To Keystore.
• Enter the desired keystore password, then click Export. The keystore will be downloaded. I suggest renaming it to salesforce-keystore.jks, but this is not required.

Keystore File and Password
• Go back to Setup->Build->Create->Apps, find the connected app, then click Edit.
• Click Use digital signature, then upload the certificate file (salesforce-cert.crt) you created. Click Save, then Continue.
• Copy both the keystore (salesforce-keystore.jks) and the public key (salesforce-cert.crt) files into your workspace.

Principal
• The username of the Salesforce account you are using.

Authorize the connected application
• Run this in your browser, or use curl, replacing <consumer_key> with the consumer key of your connected app.
– https://login.salesforce.com/services/oauth2/authorize?client_id=<consumer_key>&redirect_uri=https://www.getpostman.com/oauth2/callback&response_type=code
• Click Allow to grant access. Disregard the response as long as the request is successful. The request was successful if a code is provided in the callback URL.

Create Simple Flow
HTTP:inbound -> Salesforce Connector -> DataWeave

Salesforce Configuration
Create a new OAuth 2.0 JWT Bearer configuration.
• Double-click the Salesforce connector.
• In the properties, click ‘+’.
• Select Salesforce OAuth 2.0 JWT Bearer.
• Select the operation Get ServerTimestamp.

Salesforce Configuration
• Fill out the required parameters we gathered in the earlier steps.
• Validating the configuration should succeed.

Test the Application
• Run and test the application by invoking the HTTP endpoint using Postman or any client you're used to, such as SoapUI or a plain browser.
• We should have a successful response with the server timestamp from Salesforce.

Summary

• Implementing OAuth 2.0-related authentication mechanisms involves a few more steps than Basic Authentication, but may be preferred if your service is exposed to external users, as it ensures better security.

• The OAuth 2.0 JWT bearer token flow defines how a JWT can be used to request an OAuth access token from Salesforce when a client wishes to utilize a previous authorization. Authentication of the authorized application is provided by a digital signature applied to the JWT.
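
The flow in the summary, sketched with the openssl command line as an added example (not part of the original slides, and not the Mule connector's own code): the assertion carries the Consumer Key as iss and the Principal as sub, is signed with the keystore's private key, and must verify under the uploaded certificate. The function names, the throwaway self-signed key pair standing in for salesforce-keystore.jks and salesforce-cert.crt, and the consumer key and username in the demo are constructed; the values are assumed to need no JSON escaping.

```shell
#!/usr/bin/env bash
# Added example; function names and all demo values are constructed.
b64url() { openssl base64 -A | tr '+/' '-_' | tr -d '='; }

# make_assertion <consumer_key> <principal> <audience> <private_key.pem>
# iss = consumer key, sub = Salesforce username (Principal), aud = login host.
make_assertion() {
  local exp header claims input sig
  exp=$(( $(date +%s) + 180 ))   # short expiry limits replay of a leaked JWT
  header=$(printf '{"alg":"RS256"}' | b64url)
  claims=$(printf '{"iss":"%s","sub":"%s","aud":"%s","exp":%s}' \
    "$1" "$2" "$3" "$exp" | b64url)
  input="$header.$claims"
  sig=$(printf '%s' "$input" | openssl dgst -sha256 -sign "$4" -binary | b64url)
  printf '%s.%s' "$input" "$sig"
}

# verify_assertion <jwt> <certificate.crt>
# Server-side view: the signature must verify under the uploaded certificate.
verify_assertion() {
  local input="${1%.*}" sig="${1##*.}" dir rc
  dir=$(mktemp -d)
  case $(( ${#sig} % 4 )) in 2) sig="$sig==" ;; 3) sig="$sig=" ;; esac
  printf '%s' "$sig" | tr '_-' '/+' | openssl base64 -d -A > "$dir/sig.bin"
  openssl x509 -in "$2" -pubkey -noout > "$dir/pub.pem"
  printf '%s' "$input" | openssl dgst -sha256 -verify "$dir/pub.pem" \
    -signature "$dir/sig.bin" >/dev/null 2>&1
  rc=$?
  rm -rf "$dir"
  return $rc
}

# token_request_body <jwt>: form body for POST /services/oauth2/token
token_request_body() {
  printf 'grant_type=urn%%3Aietf%%3Aparams%%3Aoauth%%3Agrant-type%%3Ajwt-bearer&assertion=%s' "$1"
}

# Demo: a throwaway self-signed pair stands in for the keystore and certificate.
demo() {
  local d jwt
  d=$(mktemp -d)
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed" \
    -keyout "$d/key.pem" -out "$d/salesforce-cert.crt" 2>/dev/null
  jwt=$(make_assertion "CONSTRUCTED_CONSUMER_KEY" "user@example.com" \
    "https://login.salesforce.com" "$d/key.pem")
  verify_assertion "$jwt" "$d/salesforce-cert.crt" && token_request_body "$jwt"
  rm -rf "$d"
}
demo
```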
