Salesforce OAuth 2.0 JSON Web Token (JWT) bearer token flow is used to authenticate Salesforce without logging into Salesforce each time the servers exchange information.
This article shows you how to configure Salesforce OAuth JWT bearer token flow and integrate it with Talend metadata.
Salesforce administration account
If you are using Talend Studio 7.1.1 to connect to Salesforce OAuth 2.0 JWT flow, you need to install the TPS-3151 patch, by performing the following steps:
Download the TPS-3151 patch from the Nexus Repository Manager to the local machine, where Talend Studio 7.1.1 is running.
Create a folder named patches under your Studio installer directory, then copy the patch ZIP file into this folder.
Start Studio, then in the pop-up window, click OK to install the patch.
Before using the Salesforce OAuth 2.0 JWT bearer token flow, create a self-signed certificate and a connected app, as described in the following sections.
Log in to Salesforce with the username that has admin permission.
Under Administer, click Security Controls, then click Certificate and Key Management.
Click Create Self-Signed Certificate to create a self-signed certificate.
Click Download Certificate and save the certificate to your local machine.
Go back to the Certificate and Key Management page, click the Export to a Keystore button, enter the Keystore Password, then save it to your local machine.
Under Build, click Create > Apps.
Scroll down to the Connected Apps section, then click the New button.
Fill in the required fields (those with i icon), upload the certificate file that you created in the Creating a self-signed certificate section of this article, then select OAuth Scopes to grant access.
Select the necessary check boxes, as shown below. Click Save.
Notice that creating the Connected App generates the Consumer Key and the Consumer Secret.
Launch Talend Studio.
Right-click Salesforce, then select Salesforce Connection.
In the Salesforce Connection Settings, select Connection type in the drop-down list, then select OAuth.
Complete the fields in the Salesforce Connection Settings window using your connection information (an * means the information is required).
Issuer: Consumer Key in the Connected App
Subject: Salesforce login username
Audience: Salesforce Org URL
Key store: Java Keystore (JKS) file that exported during the creation of the self-signed certificate
Key store password: password phrase given during the Java Keystore export
Certificate alias: unique name of the self-signed certificate given during the certificate creation
Click the Advanced..., enter your Salesforce Org OAuth 2 URL, then click OK.
Click Test connection to test the connection.
Click Next, then choose the object that you want to use so that it will retrieve that object schema (for example, opportunity).
Using the Salesforce OAuth 2 you created in the Creating the Salesforce OAuth 2.0 JWT flow connection section of this article, drag and drop the Salesforce connection from Metadata to the Studio canvas.
To retrieve data in bulk, select Bulk in the Query Mode drop-down list. Click Advanced settings, check the Enable PK Chunking check box, then enter the Chunk size.
Add a tFileOutputDelimited component to write data to the output file.
Test the Job output.
Review the Salesforce data output file.