Configure a Connection Profile

From the CData ribbon, click Get Data and select From Salesforce Data Cloud connection/s to launch the CData Query window. To setup a new connection, you will have to click the New Salesforce Data Cloud Connection button. Here you can set the connection settings, test the connection, and save the connection profile.

Connecting to Salesforce Data Cloud

Salesforce Data Cloud supports authentication via the OAuth standard.

OAuth

Set AuthScheme to OAuth.

Desktop Applications

CData provides an embedded OAuth application that simplifies authentication at the desktop.

You can also authenticate from the desktop via a custom OAuth application, which you configure and register at the Salesforce Data Cloud console. For further information, see Creating a Custom OAuth App.

Before you connect, set these properties:

• OAuthClientId (custom applications only): The Client ID assigned when you registered your custom OAuth application.
• OAuthClientSecret (custom applications only): The Client Secret assigned when you registered your custom OAuth application.

When you connect, the add-in opens Salesforce Data Cloud's OAuth endpoint in your default browser. Log in and grant permissions to the application.

OAuth Password Grant

Follow these steps to set up the Password Grant option:

1. Set the AuthScheme to OAuthPassword to perform authentication with the password grant type.
2. Set all the properties specified in either the web or desktop authentication sections above.
3. Set the User and Password to your login credentials.

Note: If you have enabled Session Settings > Lock sessions to the IP address from which they originated, make sure that your IP address does not change while using the add-in. If the IP changes during the usage of the add-in, an "INVALID_SESSION_ID" error is returned from Salesforce Data Cloud and the add-in will no longer be able to retrieve data. If you receive this error, ask your Salesforce Data Cloud administrator to disable this configuration or make sure to configure a static IP for the instance where you are using the add-in. Then, reset the connection to continue using the add-in.

OAuth Client Grant

To use an OAuth client grant, follow these steps:

1. Set the AuthScheme to OAuthClient to perform authentication with the client grant type.
2. Set all the properties specified in either the web or desktop authentication sections above.

OAuth PKCE

Follow these steps to set up OAuth PKCE authentication:

1. Set the AuthScheme to OAuthPKCE to perform authentication with PKCE.
2. InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
3. OAuthClientId: The client Id assigned when you registered your custom OAuth application.
4. OAuthClientSecret: The client secret assigned when you registered your custom OAuth application.
5. PKCEVerifier: The PKCE code verifier generated from executing the GetOAuthAuthorizationUrl stored procedure.

OAuthJWT

Set the AuthScheme to OAuthJWT.

To obtain the OAuthJWT consumer key:

1. Log in to Salesforce.com.
2. From Setup, enter Apps in the Quick Find box and then click the resulting link to create an app. In the Connected Apps section of the resulting page, click New.
3. Enter a name to be displayed to users when they log in to grant permissions to your app, along with a contact Email address.
4. Click Enable OAuth Settings and enter a value in the Callback URL box. This value is not needed for this type of authentication, but the Salesforce UI requires that it is set. The Callback URL is in the format:
   

   http://localhost:8019/src/oauthCallback.rst

5. Enable Use digital signatures.
6. Upload your certificate.
7. Select the scope of permissions that your app requests from the user.
8. Click your app name to open a page with information about your app. The OAuth consumer key is displayed.

After creating your OAuth Application, set the following connection properties:

• InitiateOAuth: GETANDREFRESH.
• OAuthJWTCert: The JWT certificate store.
• OAuthJWTCertType: The type of certificate store specified by OAuthJWTCert.
• OAuthJWTCertPassword: The password of the JWT certificate store.
• OAuthJWTIssuer: The OAuth Client ID.
• OAuthJWTSubject: The username (email address) of the permitted user profile configured in the connected OAuth app.

Note: This flow never issues a refresh token.

Connection Properties

The Connection properties describe the various options that can be used to establish a connection.

Managing Connections

After successfully authenticating to Salesforce Data Cloud you will be able to customize the data you are importing. To learn more about this, see Managing Connections.

See Also

• Querying Data: Use the data selection wizard to pull data into a spreadsheet. You can also configure scheduled data refresh here.
• Using the Excel Add-In: Find other ways to interact with Salesforce Data Cloud data, such as using the available CData Excel Functions.