Knowledge Base

Connectors

Applications

Salesforce Connector

Salesforce generates data for leads, tasks, opportunities, and accounts and employs a variety of features that make it self-secure and improve the repairing functionality.

OvalEdge uses API to connect to the data source, which allows users to crawl and profile the data objects (Tables, Table Columns, etc.) and execute Queries (SOQL).

Connector Capabilities

Functionality	Supported Data Objects
Crawling	Table, Table Columns, Relationships
Profiling	Table Profiling: Row count, Column count Column Profiling: Min, Max, Null count, distinct, top 50 values Full Profiling for supported columns
Query Execution	Select, Aggregations, Group By, Order By (SOQL supported queries)

Note: Salesforce does not allow aggregations and grouping on some column types.

Prerequisites

The prerequisites to establish a connection to Salesforce are as follows:

Rest API
Service Account set up with required permissions
Configure environment variables (Optional)

Rest API

The following are prerequisites required to establish the connection to Salesforce.

S.No.	Drivers/API	Version	Details
1	REST API	v57.0 and above	-

Service Account with Minimum Permissions

The minimum privileges required for the Service account at the source are as follows:

Operation	Minimum Access Permission
Connection validation	Read access on Account (OvalEdge performs query operation against Account table to validate the connection)
Crawl Schema/Tables	Read access on standard and custom objects
Profile Schema/Tables	Read access on standard and custom objects

Configure Environment Variables (Optional)

This section describes the settings or instructions that you should be aware of before establishing a connection. If your environments have been configured, skip this step.

Configure Environment Names

The Environment Names allow you to select the environment configured for the specific connector from the dropdown list in the Add Connector pop-up window.
You might want to consider crawling the same schema in both stage and production environments for consistency. The typical environments for crawling are PROD, STG, or Temporary, and may also include QA or other environments. Additionally, crawling a temporary environment can be useful for schema comparisons, which can later be deleted, especially during application upgrade assistance.

Steps to Configure the Environment

Navigate to Administration > System Settings
Select the Connector tab
Find the Key name “connector.environment”
Enter the desired environment values (PROD, STG) in the value column
Click ✔ to save

Establish a connection

To establish a connection to the Salesforce connector,

Log into the OvalEdge application
Navigate to Administration > Connectors.
Click on the + (New Connector) icon, and the Add Connection with Search Connector pop-up window is displayed.
Add Connector pop-up window is displayed where you can search for the Salesforce connector.

The Add Connector with Connector Type specific details pop-up window is displayed. Enter the relevant information to configure the Salesforce connection.
Note: The asterisk (*) denotes mandatory fields required for establishing a connection.

Fields	Details
Connection Type	The selected connection type ‘Salesforce’ is displayed by default. If required, the dropdown menu allows the user to change the connector type.
Credential Manager*	Select the option from the drop-down menu, where you want to save your credentials. Database: Oracle connection is configured with the basic Username and Password of the service account in real-time when OvalEdge establishes a connection to the Oracle database. HashiCorp: The credentials are stored in the HashiCorp database server and fetched from HashiCorp to OvalEdge. AWS Secrets Manager: The credentials are stored in the AWS Secrets Manager database server and fetched from the AWS Secrets Manager to OvalEdge. For more information on Credential Manager, refer to Credential Manager
License Add-Ons	All the connectors will have a Base Connector License by default that allows you to crawl and profile to obtain the metadata and statistical information from a datasource. OvalEdge supports various License Add-Ons based on the connector’s functionality requirements.
Connector Environment	The environment dropdown menu allows you to select the environment configured for the connector from the dropdown list. For example, PROD, or STG (based on the configured items in the OvalEdge configuration for the connector.environment). The purpose of the environment field is to help you identify which connector is connecting what type of system environment (Production, STG, or QA). Note: The steps to set up environment variables in explained in the prerequisite section.
Authentication Type	OvalEdge provides two types of authentication mechanisms to establish a connection to Salesforce. (i) Token Based (i) JWT
Token Based Authentication
Connection Name*	Select a connection name for Salesforce. Users must specify a reference name for the easy identification of the Salesforce connection in OvalEdge easily. Example: Salesforce_Connection_DB1
Username*	Enter the username for the Salesforce service account.
Password*	Enter the Password for the Salesforce Server account.
Customer Key*	Enter the customer key generated while registering in Salesforce (This will be available once the connected app is set up in Salesforce) using OAuth2.
Customer Secret*	Enter the Client secret/consumer secret generated while registering in Salesforce using OAuth2. (This will be available once the connected app is set up in Salesforce.)
Security token*	Enter the security token that will be generated (Once the user resets the password/token an email with the token will be sent to the user's account). Note: The user can reset the security token from my profile \| Settings\| My Personal Information \| Reset My Security Token. Also, whenever your password is reset, your security token is also reset.
IS SANDBOX?*	Enter Y or N (to specify whether the instance is a sandbox or not) *Note:* The information regarding the Sandbox instance can be checked in the Organization Edition under Company Information under Setup.
API version*	Select the API version from the dropdown list. Example: v51.0 For more information, please follow the link below: https://help.salesforce.com/s/articleView?id=000386929&type=1
JSON Web Token (JWT) Authentication
Connector Name*	Provide a connector name for the Salesforce in OvalEdge. This name will serve as a reference to identify the specific Salesforce connection.
Username*	Enter the username for the Salesforce service account.
Password	Enter the Password for the Salesforce service account.
Customer Key*	Enter the customer key generated while registering in Salesforce (This will be available once the connected app is set up in Salesforce) using OAuth2.
Customer Secret	Enter the Client secret/consumer secret generated while registering in Salesforce using OAuth2. (This will be available once the connected app is set up in Salesforce.)
Security token	Enter the security token that will be generated (Once the user resets the password/token, an email with the token will be sent to the user's account). *Note*: The user can reset the security token from my profile \| Settings \| My Personal Information \| Reset My Security Token. Also, whenever your password is reset, your security token is reset.
IS SANDBOX?*	Enter Y or N (to specify whether the instance is a sandbox or not) *Note*: The information regarding the Sandbox instance can be checked in the Organization Edition under Company Information under Setup.
API version*	Select the API version from the drop-down list. Example: v51.0 For more information, please follow the link below: https://help.salesforce.com/s/articleView?id=000386929&type=1
Keystore password*	A Keystore password is associated with a Keystore.
Alias name*	Alias name of the Keystore.
Keystore File Path*	Enter the Keystore File Path after uploading into the NFS connection.
Default Governance Roles
Steward*	Select the Steward from the drop-down list options.
Custodian*	Select the Custodian from the drop-down list options.
Owner*	Select the Owner from the drop-down list options.
Governance Roles 4, 5, 6*	Select the respective user from the drop-down options. Note: The drop-down list displays all the configurable roles (for a single user or a team) according to the configurations made in the OvalEdge *Security* > *Governance Roles* section.
Admin Roles
Integration Admins*	Select the required admin roles for this connector. To add Integration Admin Roles, search for or select one or more roles from the Integration Admin options, and then click on the Apply button. The responsibility of the Integration Admin includes configuring crawling and profiling settings for the connector, as well as deleting connectors, schemas, or data objects.
Security and Governance Admins*	To add Security and Governance Admin roles, search for or select one or more roles from the list and then click on the Apply button. The security and Governance Admin is responsible for: Configure role permissions for the connector and its associated data objects. Add admins to set permissions for roles on the connector and its associated data objects. Update governance roles. Create custom fields. Develop Service Request templates for the connector. Create Approval workflows for the templates.
Select Bridge	With the OvalEdge Bridge component, any cloud-hosted server can connect with any on-premise or public cloud data sources without modifying firewall rules. A bridge provides real-time control that makes it easy to manage data movement between any source and destination. For more information, refer to Bridge Overview

After entering all the connection details, select the appropriate button based on your preferences.
1. Validate: Click on the Validate button to verify the connection details. This ensures that the provided information is accurate and enables successful connection establishment.
2. Save: Click on the Save button to store the connection details. Once saved, the connection will be added to the Connectors home page for easy access.
3. Save & Configure: For certain Connectors that require additional configuration settings, click the Save & Configure button. This will open the Connection Settings pop-up window, allowing you to configure the necessary settings before saving the connection.
Once the connection is validated and saved, it will be displayed on the Connectors home page.

Note: You can either save the connection details first or you can validate the

connection first and then save it.

Note: For any Connector issues, please contact our Customer Support team.

Connection Validation Details

S.No	Error Message(s)	Description
1	Failed to establish connection, please check the credentials(Client ID, Client Secret, Security token, etc.,)	Invalid Client ID, User Name, Security Token, and in case of the wrong password and the wrong client secret.

Note: If you have issues creating a connection, please contact your assigned OvalEdge Customer Success Management (CSM) team.

Connector Settings

Once the connection is established successfully, various settings are provided to fetch and analyze the information from the data source.

The connection settings include Crawler, Profiler, Query Policies, Access Instruction, Business Glossary Settings, and Others.

Connector Setting	Description
Crawler	Crawler settings are configured to connect to a data source and collect and catalog all the data elements in the form of metadata.
Profiler	It is the process of gathering statistics and informative summaries about the connected data source(s). Statistics can help assess the data source's quality before using it in an analysis. Profiling is always optional; crawling can be run without profiling also.
Query Policies	It restricts the use of the selected query types based on your role.
Access Instruction	Access Instruction allows the data owner to instruct other users on using the objects in the application.
Business Glossary Settings	Business Glossary Settings enable users to configure data associations for terms related to a specific connector. These settings operate based on the predefined order of options for each managed data association in the business glossary.
Others	The Send Metadata Changes Notifications option is used to set the change notification about the metadata changes of the data objects. Users can use the toggle button to set the Default Governance Roles (Steward, Owner Custodian, etc.) From the drop-down menu, the user can select the role and team to receive the notification of metadata changes.

Note: For more information, refer to the Connector Settings.

The Crawling of Schema(s)

You can use the Crawl/Profile option, which allows you to select the specific schemas for the following operations: crawl, profile, crawl & profile, or profile unprofiled. For any scheduled crawlers and profilers, the defined run date and time are displayed to set.

Navigate to the Connectors page, and click on the Crawl/Profile option.
Select the required Schema(s).
Click on the Run button that gathers all metadata from the connected source into OvalEdge Data Catalog.

Note: Upon establishing a connection, it is recommended that the user crawl the schema. Then, after crawling the objects into the Data Catalog, profiling the selected objects will be performed based on the user requirements. This is because Salesforce's API limit may be exceeded to perform complete schema profiling.

Please refer to the screenshot below for the limit (Reference only).

Additional Information

This section describes the available authentication types and the FAQs.

Salesforce Authentication

OvalEdge supports various authentication types to set up a connection with Salesforce.

1. Token-Based Authentication

This is a general authentication process. Setting up a connection with Salesforce requires the username, password, client ID, client secret, and security token generated while creating the Salesforce service account.

2. JSON Web Token (JWT)

The JWT enables the sharing of identity and security information across security domains. Salesforce validates the JWT based on a signature using a previously configured certificate and additional parameters. Assuming that the JWT is valid and that the connected app has prior approval, Salesforce issues an access token.

The user can upload the Keystore file to the NFS path and enter the file location in the connector setting form against the Keystore file path (JKS).

It is not mandatory to enter the password, Client Secret and Security token in the connection setting form when JWT authentication is selected.

FAQs

Q1. What is the cost of Salesforce API?

Ans: The cost of the Salesforce API depends on the number of APIs the user calls to Salesforce.