Salesforce Connector

Salesforce generates data for leads, tasks, opportunities, and accounts and employs a variety of features that make it self-secure and improve the repairing functionality. 

OvalEdge uses API to connect to the data source, which allows users to crawl and profile the data objects (Tables, Table Columns, etc.) and execute Queries (SOQL).

Connector Capabilities

Prerequisites

The prerequisites to establish a connection to Salesforce are as follows:

1. Rest API
2. Service Account set up with required permissions
3. Configure environment variables (Optional)

Rest API

The following are prerequisites required to establish the connection to Salesforce.

Service Account with Minimum Permissions

The minimum privileges required for the Service account at the source are as follows:

Configure Environment Variables (Optional)

This section describes the settings or instructions that you should be aware of before establishing a connection. If your environments have been configured, skip this step.

Configure Environment Names

The Environment Names allow you to select the environment configured for the specific connector from the dropdown list in the Add Connector pop-up window.
You might want to consider crawling the same schema in both stage and production environments for consistency. The typical environments for crawling are PROD, STG, or Temporary, and may also include QA or other environments. Additionally, crawling a temporary environment can be useful for schema comparisons, which can later be deleted, especially during application upgrade assistance. 

Steps to Configure the Environment

1. Navigate to Administration > System Settings
2. Select the Connector tab
3. Find the Key name “connector.environment”
4. Enter the desired environment values (PROD, STG) in the value column
5. Click ✔ to save

Establish a connection

To establish a connection to the Salesforce connector,

1. Log into the OvalEdge application
2. Navigate to Administration >  Connectors.
3. Click on the + (New Connector) icon, and the Add Connection with Search Connector pop-up window is displayed.
   
4. Add Connector pop-up window is displayed where you can search for the Salesforce connector.
   
5. The Add Connector with Connector Type specific details pop-up window is displayed. Enter the relevant information to configure the Salesforce connection.
   Note: The asterisk (*) denotes mandatory fields required for establishing a connection.
   
   

   Fields	Details
   Connection Type	The selected connection type ‘Salesforce’ is displayed by default. If required, the dropdown menu allows the user to change the connector type.
   Credential Manager*	Select the option from the drop-down menu, where you want to save your credentials. Database: Oracle connection is configured with the basic Username and Password of the service account in real-time when OvalEdge establishes a connection to the Oracle database.  HashiCorp: The credentials are stored in the HashiCorp database server and fetched from HashiCorp to OvalEdge.   AWS Secrets Manager: The credentials are stored in the AWS Secrets Manager database server and fetched from the AWS Secrets Manager to OvalEdge. For more information on Credential Manager, refer to Credential Manager
   License Add-Ons	All the connectors will have a Base Connector License by default that allows you to crawl and profile to obtain the metadata and statistical information from a datasource.  OvalEdge supports various License Add-Ons based on the connector’s functionality requirements.
   Connector Environment	The environment dropdown menu allows you to select the environment configured for the connector from the dropdown list. For example, PROD, or STG (based on the configured items in the OvalEdge configuration for the connector.environment). The purpose of the environment field is to help you identify which connector is connecting what type of system environment (Production, STG, or QA).   Note: The steps to set up environment variables in explained in the prerequisite section.
   Authentication Type	OvalEdge provides two types of authentication mechanisms to establish a connection to Salesforce. (i) Token Based (i) JWT
   Token Based Authentication
   Connection Name*	Select a connection name for Salesforce. Users must specify a reference name for the easy identification of the Salesforce connection in OvalEdge easily. Example: Salesforce_Connection_DB1
   Username*	Enter the username for the Salesforce service account.
   Password*	Enter the Password for the Salesforce Server account.
   Customer Key*	Enter the customer key generated while registering in Salesforce (This will be available once the connected app is set up in Salesforce) using OAuth2.
   Customer Secret*	Enter the Client secret/consumer secret generated while registering in Salesforce using OAuth2. (This will be available once the connected app is set up in Salesforce.)
   Security token*	Enter the security token that will be generated (Once the user resets the password/token an email with the token will be sent to the user's account). Note: The user can reset the security token from my profile | Settings| My Personal Information | Reset My Security Token. Also, whenever your password is reset, your security token is also reset.
   IS SANDBOX?*	Enter Y or N (to specify whether the instance is a sandbox or not) Note: The information regarding the Sandbox instance can be checked in the Organization Edition under Company Information under Setup.
   API version*	Select the API version from the dropdown list. Example: v51.0 For more information, please follow the link below: https://help.salesforce.com/s/articleView?id=000386929&type=1
   JSON Web Token (JWT) Authentication
   Connector Name*	Provide a connector name for the Salesforce in OvalEdge. This name will serve as a reference to identify the specific Salesforce connection.
   Username*	Enter the username for the Salesforce service account.
   Password	Enter the Password for the Salesforce service account.
   Customer Key*	Enter the customer key generated while registering in Salesforce (This will be available once the connected app is set up in Salesforce) using OAuth2.
   Customer Secret	Enter the Client secret/consumer secret generated while registering in Salesforce using OAuth2. (This will be available once the connected app is set up in Salesforce.)
   Security token	Enter the security token that will be generated (Once the user resets the password/token, an email with the token will be sent to the user's account). Note: The user can reset the security token from my profile | Settings | My Personal Information | Reset My Security Token. Also, whenever your password is reset, your security token is reset.
   IS SANDBOX?*	Enter Y or N (to specify whether the instance is a sandbox or not) Note: The information regarding the Sandbox instance can be checked in the Organization Edition under Company Information under Setup.
   API version*	Select the API version from the drop-down list. Example: v51.0 For more information, please follow the link below: https://help.salesforce.com/s/articleView?id=000386929&type=1
   Keystore password*	A Keystore password is associated with a Keystore.
   Alias name*	Alias name of the Keystore.
   Keystore File Path*	Enter the Keystore File Path after uploading into the NFS connection.
   Default Governance Roles
   Steward*	Select the Steward from the drop-down list options.
   Custodian*	Select the Custodian from the drop-down list options.
   Owner*	Select the Owner from the drop-down list options.
   Governance Roles 4, 5, 6*	Select the respective user from the drop-down options. Note: The drop-down list displays all the configurable roles (for a single user or a team) according to the configurations made in the OvalEdge Security > Governance Roles section.
   Admin Roles
   Integration Admins*	Select the required admin roles for this connector. To add Integration Admin Roles, search for or select one or more roles from the Integration Admin options, and then click on the Apply button.  The responsibility of the Integration Admin includes configuring crawling and profiling settings for the connector, as well as deleting connectors, schemas, or data objects.
   Security and Governance Admins*	To add Security and Governance Admin roles, search for or select one or more roles from the list and then click on the Apply button. The security and Governance Admin is responsible for: Configure role permissions for the connector and its associated data objects. Add admins to set permissions for roles on the connector and its associated data objects. Update governance roles. Create custom fields. Develop Service Request templates for the connector. Create Approval workflows for the templates.
   Select Bridge*	With the OvalEdge Bridge component, any cloud-hosted server can connect with any on-premise or public cloud data sources without modifying firewall rules. A bridge provides real-time control that makes it easy to manage data movement between any source and destination. For more information, refer to Bridge Overview

6. After entering all the connection details, select the appropriate button based on your preferences. 
   1. Validate: Click on the Validate button to verify the connection details. This ensures that the provided information is accurate and enables successful connection establishment.
   2. Save: Click on the Save button to store the connection details. Once saved, the connection will be added to the Connectors home page for easy access.
   3. Save & Configure: For certain Connectors that require additional configuration settings, click the Save & Configure button. This will open the Connection Settings pop-up window, allowing you to configure the necessary settings before saving the connection.
7. Once the connection is validated and saved, it will be displayed on the Connectors home page.
   
   

   Note: You can either save the connection details first, or you can validate the 

   connection first and then save it.

Connection Validation Details

Note: If you have issues creating a connection, please contact your assigned   OvalEdge Customer Success Management (CSM) team.

Connector Settings

Once the connection is established successfully, various settings are provided to fetch and analyze the information from the data source.  

The connection settings include Crawler, Profiler, Query Policies, Access Instruction, Business Glossary Settings, and Others.

The Crawling of Schema(s)

You can use the Crawl/Profile option, which allows you to select the specific schemas for the following operations: crawl, profile, crawl & profile, or profile unprofiled. For any scheduled crawlers and profilers, the defined run date and time are displayed to set. 

1. Navigate to the Connectors page, and click on the Crawl/Profile option.
2. Select the required Schema(s).
3. Click on the Run button that gathers all metadata from the connected source into OvalEdge Data Catalog.

Note: Upon establishing a connection, it is recommended that the user crawl the schema. Then, after crawling the objects into the Data Catalog, profiling the selected objects will be performed based on the user requirements. This is because Salesforce's API limit may be exceeded to perform complete schema profiling.

Please refer to the screenshot below for the limit (Reference only).

Additional Information

This section describes the available authentication types and the FAQs.

Salesforce Authentication

OvalEdge supports various authentication types to set up a connection with Salesforce.

1. Token-Based Authentication

This is a general authentication process. Setting up a connection with Salesforce requires the username, password, client ID, client secret, and security token generated while creating the Salesforce service account.

2. JSON Web Token (JWT)

The JWT enables the sharing of identity and security information across security domains. Salesforce validates the JWT based on a signature using a previously configured certificate and additional parameters. Assuming that the JWT is valid and that the connected app has prior approval, Salesforce issues an access token. 

The user can upload the Keystore file to the NFS path and enter the file location in the connector setting form against the Keystore file path (JKS).

FAQs

Q1. What is the cost of Salesforce API?

Ans: The cost of the Salesforce API depends on the number of APIs the user calls to Salesforce.

---

Copyright © 2024, OvalEdge LLC, Peachtree Corners GA USA