/
Configuration setup for Salesforce JWT OAuth2 Account

Configuration setup for Salesforce JWT OAuth2 Account

Owned by Kalpana Malladi
Last updated: Apr 16, 2025

 

Overview

JWT (JSON Web Token) OAuth2 flow is a server-to-server authentication method in Salesforce. It's often used when a backend service or integration needs to access Salesforce data without user interaction. For the OAuth2 account to function without any issues, ensure that you generate a Private key and configure a Connected App corresponding to the account, as explained in the following video. 

Steps

Step 1: Generate the private key and certificate using the following commands:

openssl req -newky rsa:2048 - new -nodes -keyout key.pem -out csr.pem opensll x509 -req -days 365 -in csr.pem -signkey key.pem -out server.crt

Step 2: Create a Connected App in Salesforce.

  1. Upload the certificate.

  2. Click the Manage button for the newly created Connected App.

  3. Under OAuth policies, select All users may self-authorize option for Permitted Users.

  4. Navigate to Manage Apps in the left pane, and click the Manage Profiles button in the Profiles section.

  5. Select the System administrator checkbox and click Save.
    The Consumer Key and Consumer Secret values are generated. Secure these values at a safe location. You will need to provide these values in the JWT OAuth2 account.

Step 3: Create a .jks file from the same certificate you uploaded in the Connector App. Use the following commands to generate keystore.jks file, which you need to upload in the Salesforce JWT OAuth2 Account:

openssl pkcs12 -export \ -in server.crt \ -inkey key.pem\ -out keystore.p12 \ -name myalias
keytool -importkeystore -deststorepass changeit \ -destkeypass changeit \ -destkeystore keystore.jks \ -srckeystore keystore.p12\ -srcstoretype PKCS12 \ -srcstorepass user \ -alias myalias

 

Step 4: Configure the Salesforce JWT OAuth2 Account in SnapLogic Designer.

  1. Navigate to the Salesforce Snap of your choice and set up the JWT OAuth2 Account with the following details:

    • Instance URL: Instance URL to access Salesforce.

    • Issuer (client ID): The consumer key of the connected app.

    • Subject (Username): The username for the Salesforce account.

    • Audience (Server URL): Salesforce endpoint URL for the Salesforce account.

    • Keystore: Upload the keystore file.

    • Keystore password: the password for the keystore file.

    • Key alias: The alias of the private key to be used from the keystore.

    • Private key passphrase: The passphrase for the private key to be used

  2. Click Validate.
    The account should be validated successfully.

 

 

Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2025 SnapLogic, Inc.