Salesforce Connector and Datasource Configuration

Salesforce REST API to extract data from a Salesforce repository via a Salesforce Connected App.

This service has an authentication procedure and API usage limits.

Note
You need to have the Consumer Key and Consumer Secret of the Salesforce Connected App, which must be created by a Salesforce administrator for the account. Instructions on how to do this follow the datasource configuration details.
Note
Salesforce authentication requires a security token as well as a user password. A security token is an automatically-generated key from Salesforce For more information on security tokens see Reset Your Security Token in the online help.

Security Trimming

When you enable security trimming for a Salesforce connector, the system uses the Fusion username and tries finding the identical ID in Salesforce. If it finds this ID, then it uses the permissions given to that ID in Salesforce and applies a filter to the search query. If the ID is not found then it applies a filter to block all documents from being shown.

The security trimming feature assumes that the Fusion username is the same as Salesforce alias. When retrieving data from Salesforce, the connector retrieves the user Id based on the Fusion username (Salesforce alias) via the query:

     Select Id from User WHERE alias={username}

If it isn’t found, then the connector will create a security filter to deny access to all documents.

If you are logged into the Fusion UI or send a request to the REST API with username "admin", the Salesforce connector uses that as the value of property "salesforce_username". Therefore, in Fusion, you must have accounts which reflect the Salesforce accounts.

Creating a Salesforce Connected App

Before creating the datasource, a Salesforce administrator for the account must create a Salesforce Connected App in Salesforce:

  • Go to Setup > Create > Apps and in the Connected Apps section and click the new button

  • Add values to the following properties:

    • Connected App Name

    • API Name

    • Contact Email

    • Check the property Enable OAuth Settings

  • More properties should be displayed:

    • Callback URL: You can use a dumb HTTPS URL e.g. https://mydomain.com/auth

    • Selected OAuth Scopes: Select Full Access(full) scope

  • Save the new Connected App

  • After this step a message will be displayed, click the continue button.

  • In the section API (Enable OAuth Settings) the consumer key and consumer secret should be displayed, which will be used on the datasource

For the Salesforce credentials the user must be a System Administrator or one with no restrictions (able to access all the objects and fields)

Configuration

Tip
When entering configuration values in the UI, use unescaped characters, such as \t for the tab character. When entering configuration values in the API, use escaped characters, such as \\t for the tab character.