Using OAuth JWT to authenticate to Salesforce in MuleSoft Anypoint Studio

This article will you walk through how to connect to Salesforce in your Mule application using OAuth JWT authentication. The article is divided into three parts. The first part will show you how to setup the Salesforce certificate and key store. The second will cover the setup of the app in Salesforce. The last part will go over how to setup the Salesforce Connector in Anypoint Studio.

This article was created with the following versions:

  • Anypoint Studio 7.4.1
  • Salesforce Connector 9.8.2

Certificate and Keystore Setup

Before creating the Connected App, we need to create a certificate in Salesforce.

1. Login to Salesforce

2. Go to Setup

3. In the search box, type in ‘cert’ and select Security > Certificate and Key Management

4. Click on Create Self-Signed Certificate 

5. Give the certificate a label and unique name. Keep the other fields with their default values and click on Save

6. On the next screen, click on Download Certificate. Remember where you saved the file. (e.g. MuleSoft.crt) 

7. Click on Security > Certificate and Key Management again on the left hand navigation. In the list of certificates, click on Export to Keystore 

8. Type in a password and click on Export. Remember where the file was saved because you’ll need it later. (e.g. 00Do0000000Zp9E.jks) 

Connected App Setup in Salesforce

Now that we’ve created the certificate, we can create the Connected App in Salesforce.

1. In the search box on the left, search for ‘App’ and click on App Manager

2. Click on New Connected App

3. In the Basic Information section, fill in the Connected App Name (e.g. MuleConnector) field. The API Name field will get auto-populated. And fill in the Contact Email field.

4. In the API (Enable OAuth Settings) section

  • Check the Enable OAuth Settings checkbox.
  • Fill in the Callback URL field with the following: http://localhost:8082/callback
  • Check the Use digital signatures checkbox
  • Click on Choose File and select the self-signed certificate that you created in the previous section (e.g. MuleSoft.crt)
  • From the Available OAuth Scopes, select Full access (Full) and Perform requests on your behalf at any time (refresh token, offline_access) and click on Add to move them to Selected OAuth Scopes.

5. Click on Save

6. You’ll see a message that says that it takes about 2-10 minutes for the changes to take effect. Go ahead and click on Continue.

7. In the app screen, take note of the following fields

  • Consumer Key
  • Callback URL

8. Open up a browser window, and navigate to the following URL but replace the Consumer Key and Callback URL with the values from the previous step.<Consumer_Key>&redirect_uri=<Callback_URL>&response_type=token

9. If everything was setup successfully, you’ll be prompted to log into the Salesforce. Once you do, you’ll see the following screen that will access you if you allow access. Click on Allow 

10. If you see a code on the callback URL, the setup was successful.

Salesforce Connector Setup in Anypoint Studio

This section will walk you through the process of setting up the Salesforce Connector connection to leverage OAuth JWT. It assumes you already have a project setup with the Salesforce Connector in your flow.

1. In your project, copy and paste the certificate and keystore file that you created in the previous section into the src/main/resources folder

2. Under Basic Settings > Connector Configuration, click on the green plus sign

3. Change the Connection to OAuth JWT

4. Scroll down to the Connection section and fill in the following fields:

  • Consumer Key – Consumer key from the Connected App that was created in Salesforce
  • Key Store – path to the keystore file that you pasted into the project in the src/main/resources folder
  • Store Password – Keystore password that was created when you generated the keystore file
  • Principal – Salesforce username of the user that was approved against the authorization URL in the previous step

5. If everything was setup correctly, when you click on Test Connection, you should see the following screen


As you can see, it’s pretty easy to setup the Salesforce Connector to leverage OAuth JWT in Anypoint Studio. A majority of the time was spent setting up the certificate and app on the Salesforce side. But once that is setup, you can use the same app and connection parameters for multiple flows in your application.



, ,