Skip to content
English
More support Customer portal Sign in
Go to gathid.com
  • There are no suggestions because the search field is empty.

Salesforce - System Data Connector Guide

Gathid can be configured to download identity data from your Salesforce instance using an API. The following guide will assist you with configuring your system so that Gathid can automatically extract the data.

Contact your Gathid representative to enable the Salesforce Data Connector on your instance.

Overview

This article relates to version 7.1 of the Salesforce Data Connector.

By default, this connector retrieves a list of from your Salesforce instance via REST API.
The prep-script tab provides options to also retrieve Profiles, Groups, Roles or Permission Sets.
Click here to review the loader's system properties.

Authentication is performed using Salesforce's External Client App framework using OAuth 2.0 - further details are provided below.

Summary

  1. Validate that the new Salesforce connector is available on your Gathid instance

  2. Create a new user with minimum privileges

  3. Create a new External Client app

  4. Configure the Prep Script tab in the Salesforce Loader
  5. Next Steps

Steps to configure the Salesforce data connector in Gathid

1. Validate that the new Salesforce connector is available on your Gathid instance

  1. As an Administrator user, log into Gathid and navigate to Administration Loaders.

  2. You should see new Salesforce loader in the list, in a Disabled state.

REMINDER: To be able to see Administration menu option you need to be in ADMINISTRATOR role.

2. Create a new user with minimum privileges

  1. Login to your Salesforce instance as a user with sufficient privileges to create a new user.

  2. Create a New User from the Administration, Users, Users menu.
    An example of a new user settings:

    First Name = Gathid
    Last Name = guser
    Alias = guser
    Email = guser@none.com
    Username = guser@none.com
    Nickname = guser
    Role = <this can be left blank>
    Profile = Select a role profile.     Salesforce provides a few default profiles recommended by Salesforce for provisioning minimum access. Choose from: 

      1. Minimum Access - Salesforce

      2. Minimum Access - API Only Integrations

      3. Read Only

If Roles, Profiles or Permission sets need to be collected, additional authorisation will be required. Ensure that the above user has View Setup and Configuration permission.

 

3. Create a new External Client app

Salesforce provides a framework called “External Client Apps” which allows a 3rd-party application (in this case, Gathid) to securely access your instance using OAuth 2.0 protocols.
Further information can be obtain from their official documentation: Salesforce External Client Apps

  1. Login to your Salesforce instance as a user with sufficient privileges to create a new External Client App.

  2. Create a new External Client App from the Platform Tools, Apps, External Client Apps, External Client App Manager.
    The following configuration settings have been used:

    Name = Gathid
    API Name = gathid
    Email = <requires a valid email account to authorise the app>

    Tick Enable OAuth and configure the following Settings:
    Call back URL = https://none.gathid.net
    Selected OAuth Scopes = Manage user data via APIs (api)
    Under Flow Enablement, Enable Client Credentials Flow
    Leave the Security settings as default.

    In the Policies tab
    Set the Start Page to OAuth
    Under Plugin Policies, set Permitted users = All users can self-authorize
    OAuth Start URl = <your domain url>
    Under OAuth flows and External Client App Enhancements
    Tick Enable Client Credentials Flow
    Run As (username) = The username from the user created in Step 2 above
    Leave the App Authorization as default

  3. On the Settings tab, under OAuth Settings, click on Consumer Key and Secret.
    This opens a new browser window and asks you to verify the email address provided.
    After verifying, the tab will display a Consumer Key and a Consumer Secret.
  4. Copy these credentials securely as you will need them in the Gathid Loader configuration in the next step. 

4. Configure the Prep Script tab in the Salesforce Loader

  1. As an Administrator, log into Gathid and navigate to Administration → Loaders.
  2. Select the Salesforce loader and go to step (2) Prep-Scripts.
  3. Enter the configuration details retrieved in the previous step.


  4. Click on Save in the bottom right hand side.
  5. Ensure the correct start time for the loader is set in the Agent Runtime Hours. This should be close to your instance's stack start time.
  6. Click on Save in the bottom right hand side.

 Next Steps: 

Add External Relationships

 

 

System Properties

Type: CSV File
Name: Salesforce Accounts

Data Model Fields:

  • Id
  • Username
  • LastName
  • FirstName
  • Name
  • CompanyName
  • Division
  • Department
  • Title
  • Email
  • IsActive
  • UserType
  • EmployeeNumber
  • ManagerId
  • LastLoginDate

Type: CSV File
Name: Salesforce Profiles

Data Model Fields:

  • Id
  • Name
  • Description
  • LastReferencedDate

Type: CSV File
Name: Salesforce Groups

Data Model Fields:

  • Id
  • Description
  • DeveloperName
  • Name
  • OwnerId
  • RelatedId
  • Type

Type: CSV File
Name: Salesforce Roles

Data Model Fields:

  • Id
  • Name
  • DeveloperName

Type: CSV File
Name: Salesforce Permission Sets

Data Model Fields:

  • Id
  • Description
  • HasActivationRequired
  • IsCustom
  • IsOwnedByProfile
  • Label
  • LicenseId
  • Name
  • PermissionSetGroupId
  • ProfileId
  • Type