Overview
This guide configures Salesforce OAuth JWT authentication for Kolleno, enabling automated API access using:
Consumer Key (Client ID)
Salesforce Username
Private Key
No user interaction or password sharing is required.
Prerequisites
Admin Access: To create certificates and Connected Apps in Salesforce.
Integration User: A dedicated Salesforce user account for Kolleno (e.g.,
api@yourcompany.com
).Profile Permissions: Ensure the integration user’s profile has API Enabled.
Step 1: Generate a Certificate & Private Key
Choose one method below:
Method A: Generate in Salesforce (Recommended)
Go to Setup → Certificate and Key Management → Create Self-Signed Certificate.
Name it (e.g.,
Kolleno_JWT_Cert
).Save → Salesforce generates a certificate and private key.
Export the Private Key:
In Certificate and Key Management, click your certificate → Export to Keystore → Download the
.jks
file.Use KeyStore Explorer (GUI) or
keytool
(CLI) to extract the private key as key file, must be in pem format.
Method B: Generate via OpenSSL
Generate private key (PEM format)
openssl genpkey -algorithm RSA -out kolleno.key -pkeyopt rsa_keygen_bits:2048
Generate self-signed certificate
openssl req -new -x509 -key kolleno.key -out kolleno.crt -days 365`
Use
kolleno.key
as your private key.Upload
kolleno.crt
to Salesforce in Step 2.
Step 2: Create a Connected App
Go to Setup → App Manager → New Connected App.
Configure settings:
Connected App Name:
Kolleno Integration
Contact Email: Your email
Callback URL:
http://localhost
(doesn’t matter for this integration, but the url is still required by Salesforce)
Under API (Enable OAuth Settings):
✅ Enable OAuth Settings
Selected OAuth Scopes:
Full access (full)
Perform requests at any time (refresh_token, offline_access)
Access and manage your data (api)
✅ Use Digital Signatures → Upload your certificate (
.crt
file).
Save → Copy the Consumer Key (Client ID).
Step 3: Assign Permissions
In your Connected App → Manage → Edit Policies:
Permitted Users: Set to Admin approved users are pre-authorized.
Assign the app to the integration user’s Profile or Permission Set:
Go to Manage Profiles → Add the integration user’s profile.
Step 4: Gather Credentials for Kolleno
Credential | How to Obtain |
Consumer Key | From the Connected App details (Step 2). |
Username | Salesforce login email of the integration user (e.g., |
Private Key | Exported from Salesforce ( |