Configure your Salesforce account to collect data

To collect data from Salesforce, create a Salesforce account with the following permissions:

• (Optional) A security token created for the account to access the Salesforce Rest API. For instructions on how to create a security token, see Reset your security token. Note that a security token is not required if your machine IP is within the Salesforce trusted ip range.

• (Optional) You need a Salesforce App if you want to use OAuth authentication. When you add an account in the Splunk Add-on for Salesforce and you choose OAuth 2.0 Client Credentials as your authentication type.

• To collect Salesforce object data, you have to have read access to the Salesforce objects you want to get data from.

• To collect Salesforce event log data, you have to have read access to the Salesforce event log and enable the Salesforce event log file API. For any questions about this API, contact your Salesforce admin or Salesforce sales representative.

Set up the OAuth App in the Salesforce

The Splunk Add-on for Salesforce supports both the OAuth Client Credentials and OAuth Authorization Code flows. The OAuth Client Credentials flow enables authentication without user interaction, whereas the OAuth Authorization Code flow requires user interaction to obtain an access token.

Note

When using the default Salesforce domains, such as login.salesforce.com or test.salesforce.com, use the OAuth Authorization Code flow. This is because Salesforce may experience issues with the OAuth Client Credentials flow when a custom domain is not used.

Oauth Client Credentials flow

1. Login to Salesforce with the same user credentials that you want to collect data in your Splunk deployment.
2. From Setup, enter External Client Apps in the Quick Find box, and select Settings in the External Client App section.
3. Turn on Allow creation of connected apps, if it’s off.

4. Select New Connected App and enter the required details:

   • Name
   • Your contact email
   • (Optionally) fill out other fields as outlined in https://help.salesforce.com/s/articleView?id=sf.connected_app_create_basics.htm&language=en_US&type=5

5. In the API (Enable OAuth Settings) section:

   a. Check Enable OAuth Settings.

   b. Define a Callback URL (any valid HTTPS address; this is mandatory but not used in the Client Credentials flow).

   c. Move Manage user data via APIS (api) to Selected OAuth Scopes.

   d. (Optional) In case of data collection, if any permission issues arise, add the Full access (full) scope.

   e. Check Enable Client Credentials Flow.

6. Save the Connected App by selecting Save. It may take approximately 10 minutes for the changes to take effect.

7. Manage Consumer Details:

   a. Once the app is created, go to the API (Enable OAuth Settings) section of the app details.

   b. Select Manage Consumer Details. You must provide a verification code sent to your email address.

   c. Save the Consumer Key and Consumer Secret. These are necessary for authentication.

8. Configure Client Credentials Policies:

   a. Go to Apps > Connected Apps > Manage Connected Apps.

   b. Locate your newly created app and select Manage.

   c. Under Edit Policies, in the Client Credentials Flow section, set the Run As field to the desired user.

   d. Save the changes.

Your Salesforce app is now configured to use the OAuth Client Credentials flow. You can use the Consumer Key and Consumer Secret to authenticate your integration.

OAuth Authorization Code flow

1. Login to Salesforce with the same user credentials that you want to collect data in your Splunk deployment.

2. From Setup, enter External Client Apps in the Quick Find box, and select Settings in the External Client App section.

3. Select “New Connected App” and enter the required details:

   • Enter a name
   • Enter your contact email
   • (Optionally) fill out other fields as outlined in https://help.salesforce.com/s/articleView?id=sf.connected_app_create_basics.htm&type=5

4. Enable OAuth Settings, by performing the following actions in the API (Enable OAuth Settings) section:

   • Check Enable OAuth Settings.
   • Define a Callback URL (Copy and paste the redirect URL on the configuration page in the Splunk Add-on for Salesforce).
   • Move Manage user data via APIS (api) and Perform requests at any time (refresh_token, offline_access) to Selected OAuth Scopes.
   • (Optional) In case of data collection, if any permission issues arise, add the Full access (full) scope.
   • Check Require Secret for the Web Server Flow to require the app’s client secret in exchange for an access token.
   • Check Require Secret for Refresh Token Flow to require the app’s client secret in the authorization request of a refresh token and hybrid refresh token flow.

5. Save the connected app by selecting Save. Changes may take up to 10 minutes to take effect.

6. Manage consumer details:

   a. After the app is created, go to the API (Enable OAuth Settings) section of the app details.

   b. Select Manage Consumer Details and provide a verification code sent to your email address.

   c. Save the Consumer Key and Consumer Secret. You need them for authentication.