Configure OAuth Authentication

OpenText recommends using OAuth authentication to retrieve data from Salesforce.

Create an Application to Represent the Connector

To retrieve content from Salesforce using OAuth authentication, you must create a Salesforce application to represent the connector. For information about creating the application, refer to the Salesforce documentation.

The application must be granted the following OAuth scopes:

  • Access and manage your data (api)
  • Perform requests on your behalf at any time (refresh_token, offline_access)

NOTE: When you create the application, ensure that the Redirect URL matches the location where you will run the OAuth configuration tool.

  • To use the NiFi Ingest connector, the redirect URL must match the URL shown in the advanced configuration dialog of the NiFi processor.
  • To use the standard connector, the redirect URL must match the value of the RedirectUrl parameter in the OAuth tool configuration file, oauth_tool.cfg. The default value is http://localhost:7878/oauth.

When you create the application, Salesforce will provide you with an application key (sometimes called a client ID) and application secret (sometimes called a client secret). Make a note of these details because you will need the values to configure the connector.

Configure the Connector

After creating an application to represent the connector, run the OAuth configuration tool.

To configure OAuth authentication

  • To configure the NiFi Ingest connector

    1. In the NiFi web interface, right-click the processor and click Configure.
    2. Click ADVANCED, and complete the guided setup wizard. Then configure OAuth using the OAUTH SETUP tab.
  • To configure the standard connector

    1. Open the folder where you installed the connector.
    2. Open the OAuth tool configuration file, oauth_tool.cfg, in a text editor.
    3. In the [Default] section, set any SSL or proxy settings that are required to access the repository:

      SSLMethod The version of SSL/TLS to use.
      ProxyHost The host name or IP address of the proxy server to use.
      ProxyPort The port of the proxy server to use.

      For example:

      SSLMethod=NEGOTIATE
      ProxyHost=10.0.0.1
      ProxyPort=8080
    4. In the [OAuthTool] section, set the following parameters:

      AppKey The application key of the application you created to represent the connector.
      AppSecret The application secret of the application you created to represent the connector.
      RedirectUrl The URL at which the OAuth tool runs. This must match the Redirect URL that you configured when you created the application to represent the connector.
    5. Open a command-line window and run the following command:

      oauth_tool.exe oauth_tool.cfg OAuthTool

      A web browser opens, asking you to log in to Salesforce and grant consent.

    6. Log in and grant consent.

      The OAuth tool creates the files oauth.cfg and oauth2_sites.bin. When you configure the connector, import the parameters from oauth.cfg into your task configuration. For more information about including parameters from another file, see Include an External Configuration File.