Authentication action in Salesforce package

The Authentication action authenticates the automation session with Salesforce. This action is required before configuring subsequent actions for various Salesforce operations.

Note: Ensure that you enable the Allow OAuth Username-Password Flows toggle in OAuth and OpenID Connect Settings of your Salesforce environment as the OAuth 2.0 Username-Password Flow is blocked by default. For more information, see OAuth and OpenID Connect Settings..

The following authentication types are available to connect to Salesforce:

  • OAuth2 - Client Credentials: This authentication type uses the Salesforce authentication parameters such as Client ID, Client secret, and account credentials (username and password) to authenticate the session.
  • Control room OAuth connection: This authentication type uses a pre-configured OAuth connection available in the Control Room for authentication.
Note: The examples and graphics provided on this page are for representation purposes only and may not accurately reflect your specific instance. We do not assume responsibility for their maintenance or accuracy.

Prerequisites

  • Ensure that the OAuth for the connected app in Salesforce has appropriate OAuth Access Policies set. See Manage OAuth Access Policies for a Connected App for more information about managing OAuth policies for connected apps in Salesforce.
  • If the policy is set to Admin approved users are pre-authorized for a particular user, ensure that the Salesforce administrator has provided relevant permissions for the user.

Procedure

  1. Log in to the Control Room.
  2. Create a new bot or modify an existing bot. For more details, see Create your first bot.
  3. From the Actions pane, select Salesforce > Authentication and place it under the Start of the bot flow.
  4. In the Authentication Type field, select the authentication method from the drop down.
  5. To view client ID and client secret details for OAuth2 - Client Credentials authentication, complete the following steps:
    1. Log in to the Salesforce Enterprise Edition (Lightning Experience - Salesforce Login), click Salesforce gear icon, and select Setup on your connected app. For more information about creating a new connected app, see Salesforce Connected Apps.
    2. In the Lightning Experience App Manager, click App Manager.
      Salesforce App Manger
    3. Click the down arrow next to app name and select View.
      The Manage Connected Apps screen appears. For more information about managing connected apps, see Salesforce Manage Connected Apps.
    4. Click Manage Consumer Details.
    5. Click Copy that corresponds to Consumer Key.
    6. Click Copy that corresponds to Consumer Secret.Copy Key and Secret from Saleforce
  6. To connect using OAuth2 - Client Credentials, complete the following steps:
    1. In the Client ID field, paste the Consumer Key copied from the Salesforce Connected App. In this illustration Insecure string is used, while you can use Credential or Variable options for better security.
    2. In the Client Secret field, paste the Consumer Key copied from the Salesforce Connected App. Integrating Saleforce
    3. Enter the Salesforce username.
    4. Enter the Salesforce password.
      Note: You can use one of the following options to specify the Client ID/Client secret/ Salesforce username/ Salesforce password:
      • Credential: Enables you to use a value in the Credential Vault that contains information about the Client ID/Client secret/Salesforce username/Salesforce password.
      • Variable: Enables you to use a credential variable that contains information about the Client ID/Client secret/Salesforce username/Salesforce password.
      • Insecure string: Enables you to enter the Client ID/Client secret/Salesforce username/Salesforce password manually.
    5. Select Production to log into a live environment or Sandbox to log into a testing environment.
  7. To configure a Control room OAuth connection in Salesforce, complete the following steps:
    1. Complete step 1 to step 5 in Create OAuth connection.
    2. Log in to Salesforce as an Admin and navigate to App Manager to create a new connected app.
    3. Enter the following details:
      • Connected App name
      • API name
      • Contact email
      • Select the Enable OAuth Settings check box.
      • Add the Callback URL from Create OAuth connection as an authorized redirect URI.
      • Select the OAuth scopes as Manage user data via APIs (API) and Perform requests at any time (refresh_token, offline_access).
        Note: For the Control Room OAuth connection to work, you must ensure to add the appropriate scopes when configuring Salesforce and the appropriate Control Room OAuth connection in the Control Room for Salesforce. For more information, see Create OAuth connection.
      • Select the Authorization Code and Credentials Flow check box.
    4. Click Save.
    5. Click Manage Consumer Details. Copy the client key and secret.
    6. Go to Create OAuth connection and complete the remaining steps to create an OAuth connection with the above details.
  8. To connect using Control room OAuth connection, pick a Salesforce OAuth connection you have created and stored in the Control Room. For more details, see Configure OAuth connections in Control Room.
  9. Optional: Enter the Salesforce instance URL in Instance URL.
    The Authentication action requires the instance URL if you set up the Salesforce OAuth connection using the Client Credential Flow grant type.
  10. Enter the API version. You can find the API version in your Salesforce Enterprise Edition setup. For more details, see Find Salesforce API version.
  11. Enter Default as the Session name.
  12. Create either a Multiple or Dictionary variable to store the response. You can do one of the following:
    • The authentication command returns a dictionary with 2 key-value pairs. Authorization (credential type) and InstanceUrl (String type). The Authorization is hidden, but you will be able to read the InstanceUrl. For example, you can use a message box to print of the value of , $str_Authresponse{InstanceUrl}$, this returns the Salesforce URL.
    • You can select Multiple variable as shown below and map to a credential variable and a string variable as keys.
      Salesforce authentication storing multiple variable
      Authorization returns a token, which is hidden as it is a credential type, this token can be passed directly in the Rest Web Services command.
  13. Click Run to save and run your bot. Once authenticated, you will be able to use the token to call other Salesforce API services.