On this submit, we’ll clarify all of the steps required to attach a Mule software to Salesforce utilizing the Salesforce connector with the OAuth JWT stream. You may also create your individual certificates for the OAuth JWT stream with Salesforce or with OpenSSL (signed by a CA or self-signed). Each choices are very effectively defined within the video on the conclusion of the article from Stefano Bernardini, MuleSoft Ambassador.
On this submit, we’ll be utilizing a self-signed certificates created by Salesforce however, take into accout, that for manufacturing environments, a certificates issued by a Trusted Certificates Authority is all the time advisable.
1. Create the Certificates
- Begin from our Salesforce org.
- Go to Setup > Certificates and Key Administration.
- Click on on Create Self-Signed Certificates.
-
After you click on on Save, the certificates shall be created and within the subsequent window, you’ll get the main points of your certificates.
- Click on on Obtain Certificates and reserve it to a separate folder. We’ll use it later.
- We’ll get again to the Certificates and Administration web page. We must always see now our certificates within the checklist of certificates.
- From there, we’ll export our certificates to a keystore. Click on on Export to Keystore.
- Present a password to your keystore and keep in mind it. We’ll use it later to arrange the JWT auth within the Mule app.
- You’ll get a .jks file. Put it aside to our separate folder.
- This jks ought to have:
- The certificates
- The Personal Key
- The Public Key
- We are able to confirm that with Key Retailer Explorer, for instance.
2. Create the Linked App in Salesforce
- Begin in your Salesforce org.
- To create the Linked App, we’ll go to Setup > App Supervisor (use Finder).
- Click on on New Linked App within the high proper nook.
- For the remainder of the values, we will depart them as default. Click on Save on the backside of the web page.
- App Supervisor will inform you that it might probably take as much as 10 minutes to get your linked app prepared. Click on on Proceed.
-
Within the subsequent window, throughout the particulars of our linked app, we’ll go to the API (Allow OAuth Settings) part and click on on Handle Client Particulars.
- You’ll be prompted to Confirm Your Identification. You’ll want to offer a verification code that has been despatched to your e-mail. Enter the code and it is best to see the Client key and Client Secret of our linked app.
- Copy the Client Key. We’ll use it later within the Mule app.
-
Return to Setup > App Supervisor and from the checklist of apps, discover our Linked App and click on on Handle in the best dropdown.
-
From right here, click on on Edit Insurance policies.
-
In Permitted Customers, choose Admin accepted customers are pre-authorized, and click on Save.
- Again to the Handle Linked App web page: Scroll all the way down to the Profiles part and click on Handle Profiles.
-
Within the checklist of profiles, choose the profile that ought to have entry to this linked app. For the aim of this instance, we’re utilizing a System Admin profile. It is best to use a profile with the minimal permissions required to your use case. Relying in your use case you may want solely a technical person otherwise you may have to impersonate an actual person, permitting all of the customers related to this profile to propagate their id all the way down to the Mule app.
3. Create the Mule App
- From the Studio, create a New Mule Undertaking.
- Within the Mule Palette, add the Salesforce Module connector.
Design the Movement
- Drag and drop the next parts (see screenshot for particulars of the stream):
- A Listener
- 2 Loggers – earlier than and after the Salesforce Question
- A Salesforce Query from the Salesforce Connector
- A Remodel Message to transform the result of the stream to JSON
Add the Key Retailer
- From there, go to Assets and add the jks file of our keystore.
- Again to Studio: If you happen to right-click once more within the title of our challenge and click on Refresh, we must always see our keystore underneath the src/predominant/assets folder.
HTTP Listener
- Our Mule app shall be listening on port 8081.
- Our endpoint shall be /accounts.
Loggers
Salesforce Connector Question
- If you happen to see the next error, get again to our Salesforce Linked App and assessment:
- The profiles allowed to make use of the app
- If you happen to’ve chosen the choice of Admin-approved, customers are pre-authorized.
- As soon as we’ve acquired the configuration of the connector and the way it will authenticate with JWT, let’s arrange the Question.
- Click on on the Question Component and enter the next configuration within the Properties tab:
- Enter a descriptive title in Show Title – in our instance, Get Accounts.
- Within the Connector Configuration, decide up the Salesforce Config international ingredient we’ve simply outlined within the earlier step.
- Within the Salesforce Question, enter the SOQL question to get the information we wish to get from Salesforce. In our case, it’s only a question to Get Accounts.
Transformation
- The output from Salesforce shall be in Java format. We’ll add a metamorphosis ingredient to translate that to JSON format, in order that our API supplies responses in JSON
- Within the rework ingredient, simply add the next within the Output:
%dw 2.0
output software/json
---
payload
4. Take a look at the App
- From Studio, right-click on the designer canvas and click on Run challenge, which can deploy our app regionally.
- From our testing device, right here we use Postman. We’ll ship a GET to http://localhost:8081/accounts.
- If every part goes effectively, we must always get the checklist of account information.
Within the subsequent submit, we’ll be including mTLS to this configuration.
Video