Skip to main content

How to connect to Salesforce using OAuth

Set up Salesforce OAuth JWT for Kolleno to enable secure, automated API access without passwords.

Kolleno Support avatar
Written by Kolleno Support
Updated over a week ago

Overview

This guide configures Salesforce OAuth JWT authentication for Kolleno, enabling automated API access using:

  • Consumer Key (Client ID)

  • Salesforce Username

  • Private Key

No user interaction or password sharing is required.

Prerequisites

  1. Admin Access: To create certificates and Connected Apps in Salesforce.

  2. Integration User: A dedicated Salesforce user account for Kolleno (e.g., api@yourcompany.com).

  3. Profile Permissions: Ensure the integration user’s profile has API Enabled.

Step 1: Generate a Certificate & Private Key

Choose one method below:

Method A: Generate in Salesforce (Recommended)

  1. Go to SetupCertificate and Key ManagementCreate Self-Signed Certificate.

  2. Name it (e.g., Kolleno_JWT_Cert).

  3. Save → Salesforce generates a certificate and private key.

  4. Export the Private Key:

    • In Certificate and Key Management, click your certificate → Export to Keystore → Download the .jks file.

    • Use KeyStore Explorer (GUI) or keytool (CLI) to extract the private key as key file, must be in pem format.

Method B: Generate via OpenSSL

Generate private key (PEM format)

openssl genpkey -algorithm RSA -out kolleno.key -pkeyopt rsa_keygen_bits:2048

Generate self-signed certificate

openssl req -new -x509 -key kolleno.key -out kolleno.crt -days 365`
  • Use kolleno.key as your private key.

  • Upload kolleno.crt to Salesforce in Step 2.

Step 2: Create a Connected App

  1. Go to SetupApp ManagerNew Connected App.

  2. Configure settings:

    • Connected App Name: Kolleno Integration

    • Contact Email: Your email

    • Callback URL: http://localhost (doesn’t matter for this integration, but the url is still required by Salesforce)

  3. Under API (Enable OAuth Settings):

    • Enable OAuth Settings

    • Selected OAuth Scopes:

      • Full access (full)

      • Perform requests at any time (refresh_token, offline_access)

      • Access and manage your data (api)

    • Use Digital Signatures → Upload your certificate (.crt file).

  4. Save → Copy the Consumer Key (Client ID).

Step 3: Assign Permissions

  1. In your Connected App → ManageEdit Policies:

    • Permitted Users: Set to Admin approved users are pre-authorized.

  2. Assign the app to the integration user’s Profile or Permission Set:

    • Go to Manage Profiles → Add the integration user’s profile.

Step 4: Gather Credentials for Kolleno

Credential

How to Obtain

Consumer Key

From the Connected App details (Step 2).

Username

Salesforce login email of the integration user (e.g., api@yourcompany.com).

Private Key

Exported from Salesforce (.key) or generated via OpenSSL.

Did this answer your question?