Using OAuth Authentication
OAuth requires the authenticating user to interact with Salesforce Pardot using the browser. The provider facilitates this in various ways as described below.
Pardot Business Unit Id
To connect via OAuth2.0 you need to obtain the BusinessUnitId.
To find the Pardot Business Unit ID, use Setup in Salesforce.
- From Setup, enter "Pardot Account Setup" in the Quick Find box.
Your Pardot Business Unit ID begins with "0Uv" and is 18 characters long. If you cannot access the Pardot Account Setup information, ask your Salesforce Administrator to provide you with the Pardot Business Unit ID.
Embedded CredentialsSee Embedded Credentials to connect with the provider's embedded credentials and skip creating a custom OAuth app.
- You must have Salesforce OAuth setup in the org. To setup up a connected app for OAuth, the "pardot_api" and "api" scopes and/or "full" scope must be among the selected OAuth scopes. Otherwise, OAuth flows other than username/password flow will not be usable with the Pardot API.
- To automatically refresh the access token when it expires, the "refresh_token" scope must be selected.
- Authenticate with a user that is SSO enabled. An SSO enabled user is one who can log in to the Pardot user interface (https://pi.pardot.com) using "Log In with Salesforce" or who can access Pardot using the Pardot Lightning App.
The driver does not handle expired refresh tokens. To make sure the refresh token will not expire, check that the Refresh Token Policy of your app is "valid until revoked".
Otherwise, if your app has been configured to revoke refresh tokens after the first usage, or after some time, you need to reset the connection each time the refresh token has been revoked.
You need to register an app to obtain the OAuthClientId and OAuthClientSecret.
You need to create an OAuth app to use in the web flow. See Creating a Custom OAuth App for the procedure.
You need to create an OAuth app. See Creating a Custom OAuth App for the procedure.
In the headless OAuth flow, users need to authenticate via a browser on another machine. You need to create a custom OAuth app. See Creating a Custom OAuth App for the procedure.
Creating a Custom OAuth App
See Creating a Custom OAuth App for the procedure.