Salesforce

Available when using an authoring Data Collector version 3.19.0 or later.

To create a Salesforce connection, the Salesforce stage library, streamsets-datacollector-salesforce-lib, must be installed on the selected authoring Data Collector.

For a description of the Salesforce connection properties, see Salesforce Connection Properties.

After you create a Salesforce connection, you can use the connection in the following stages:


Engine	Stages
Data Collector 5.0.0 or later	Salesforce Bulk API 2.0 origin Salesforce Bulk API 2.0 Lookup processor Salesforce Bulk API 2.0 destination
Data Collector 3.19.0 or later	Salesforce origin Salesforce Lookup processor Salesforce destination Tableau CRM destination

Authentication Types

You can configure Salesforce connections to connect to Salesforce using the following authentication types:

Basic Authentication: You can specify a user name and password to use for basic authentication with Salesforce.; When enabled in Salesforce, you can also use mutual authentication to connect.
Connected App with OAuth: You can configure a Salesforce stage or connection to connect to Salesforce using OAuth 2.0. The stage or connection then uses an OAuth-enabled Salesforce connected app and the Salesforce implementation of JWT Bearer Flow to enable machine-to-machine OAuth.; To use this authentication method, you must complete several prerequisite tasks. Then in the stage or connection, you specify a user name, consumer key, and private key.
Note: Using the Connected App with OAuth is supported in Data Collector 3.22.0 or later.
When enabled in Salesforce, you can also use mutual authentication to connect.

Changing the API Version

By default, a Salesforce connection uses version 57.0.0 of the Salesforce Web Services Connector libraries. You can use a different Salesforce API version if you need to access functionality not present in version 57.0.0.

Important: You must complete these steps on all registered Data Collectors that access the connection. For example, you must download the Salesforce JAR files on the authoring Data Collector so that you can test the connection or preview a pipeline that uses the connection. Similarly, you must download the JAR files on the execution Data Collector so that you can run a pipeline that uses the connection.

On the Salesforce tab, set the API Version property to the version that you want to use.
Download the relevant version of the following JAR files from Salesforce Web Services Connector (WSC):
- WSC JAR file - force-wsc-<version>.0.0.jar
- Partner API JAR file - force-partner-api-<version>.0.0.jar
Where <version> is the API version number.

For information about downloading libraries from Salesforce WSC, see the Salesforce Developer documentation.
In the following Data Collector directory, replace the default force-wsc-57.0.0.jar and force-partner-api-57.0.0.jar files with the versioned JAR files that you downloaded:
```
$SDC_DIST/streamsets-libs/streamsets-datacollector-salesforce-lib/lib/
```
Restart Data Collector for the changes to take effect.

Salesforce Connection Properties

When creating a Salesforce connection, configure the following properties on the Salesforce tab:


Salesforce Property	Description
Auth Endpoint	Salesforce SOAP API authentication endpoint. For example, you might enter one of the following common values: `login.salesforce.com` - Use to connect to a Production or Developer Edition organization. `test.salesforce.com` - Use to connect to a sandbox organization. Default is `login.salesforce.com`.
API Version	Salesforce API version used to connect to Salesforce. Default is 57.0.0. If you change the version, you also must download the relevant JAR files from Salesforce Web Services Connector (WSC).
Authentication Type	Authentication type to use to connect to Salesforce: Basic Authentication - Specify a user name and password. Connected App with OAuth - Use an OAuth 2.0-enabled connected app to enable machine-to-machine OAuth with JWT Bearer Flow.
Username	Salesforce username in the following email format: `<text>@<text>.com`. When using Connected App with OAuth authentication, the user must be authorized to use the app.
Password	Salesforce password. If the Data Collector machine is outside the trusted IP range configured in your Salesforce environment, you must use a security token along with the password. Use Salesforce to generate a security token and then set this property to the password followed by the security token. For example, if the password is `abcd` and the security token is `1234`, then set this property to `abcd1234`. For more information on generating a security token, see Reset Your Security Token. Tip: To secure sensitive information, you can use credential stores or runtime resources.
Consumer Key	Consumer key from the connected app. Tip: To secure sensitive information, you can use credential stores or runtime resources. Available when using Connected App with OAuth authentication.
Private Key	Private key from the public key certificate that you used with the connected app. Ensure that the key is formatted correctly, with no spaces or extra line breaks. Tip: To secure sensitive information, you can use credential stores or runtime resources. Available when using Connected App with OAuth authentication.
Subscribe Timeout	Maximum time to allow for subscribing to a Salesforce channel, in seconds. Not used by Salesforce Bulk API 2.0 stages.
Connection Handshake Timeout	Maximum time to wait for a Salesforce connection handshake, in seconds. Not used by Salesforce Bulk API 2.0 stages.

Optionally, configure the following properties on the Advanced tab.

The defaults for these properties should work in most cases:


Advanced Property	Description
Use Proxy	Specifies whether to use an HTTP proxy to connect to Salesforce.
Proxy Hostname	Proxy host.
Proxy Port	Proxy port.
Proxy Requires Credentials	Specifies whether the proxy requires a user name and password.
Proxy Realm	Authentication realm for the proxy server.
Proxy Username	User name for proxy credentials.
Proxy Password	Password for proxy credentials. Tip: To secure sensitive information, you can use credential stores or runtime resources.
Use Mutual Authentication	When enabled in Salesforce, you can use SSL/TLS mutual authentication to connect to Salesforce. Mutual authentication is not enabled in Salesforce by default. To enable mutual authentication, contact Salesforce. Before enabling mutual authentication, you must store a mutual authentication certificate in the Data Collector resources directory. For more information, see Keystore and Truststore Configuration.
Use Remote Keystore	Enables loading the contents of the keystore from a remote credential store or from values entered in the stage properties.
Private Key	Private key used in the remote keystore. Enter a credential function that returns the key or enter the contents of the key. For more information, see credential functions.
Certificate Chain	Each PEM certificate used in the remote keystore. Enter a credential function that returns the certificate or enter the contents of the certificate. Using simple or bulk edit mode, click the Add icon to add additional certificates.
Keystore File	Path to the local keystore file. Enter an absolute path to the file or enter the following expression to define the file stored in the Data Collector resources directory: `${runtime:resourcesDirPath()}/keystore.jks` Important: The file must exist in the same location on all execution engines that access the connection. By default, no keystore is used.
Keystore Type	Type of keystore to use. Use one of the following types: Java Keystore File (JKS) PKCS #12 (p12 file) Default is Java Keystore File (JKS).
Keystore Password	Password to the keystore file. A password is optional, but recommended. Tip: To secure sensitive information, you can use credential stores or runtime resources.
Keystore Key Algorithm	Algorithm to manage the keystore. Default is SunX509.