Learned by doing: How to create Salesforce OAuth 2.0 JWT bearer token flow and integrate it with Talend


Salesforce OAuth 2.0 JSON Web Token (JWT) bearer token flow is used to authenticate Salesforce without logging into Salesforce each time the servers exchange information.


This article shows you how to configure Salesforce OAuth JWT bearer token flow and integrate it with Talend metadata.



  • Talend Studio

  • Salesforce administration account

  • If you are using Talend Studio 7.1.1 to connect to Salesforce OAuth 2.0 JWT flow, you need to install the TPS-3151 patch, by performing the following steps:

    1. Download the TPS-3151 patch from the Nexus Repository Manager to the local machine, where Talend Studio 7.1.1 is running.

    2. Close the Studio, if the Studio is running.
    3. Create a folder named patches under your Studio installer directory, then copy the patch ZIP file into this folder.

    4. Unzip the Patch_20190605_TPS-3151_v1-7.1.1.zip file.
    5. Copy the configuration folder and paste it into the <Talend Studio 7.1.1 installation location>/Studio folder.
    6. Delete the org.eclipse.osgi cache folder in <Talend Studio 7.1.1 installation location>/Studio/configuration.
    7. Start Studio, then in the pop-up window, click OK to install the patch.


Configure Salesforce OAuth 2.0 JWT bearer token flow

Before using the Salesforce OAuth 2.0 JWT bearer token flow, create a self-signed certificate and a connected app, as described in the following sections.


Creating a self-signed certificate

  1. Log in to Salesforce with the username that has admin permission.

  2. Click Setup.

  3. Under Administer, click Security Controls, then click Certificate and Key Management.

  4. Click Create Self-Signed Certificate to create a self-signed certificate.



  5. Click Download Certificate and save the certificate to your local machine.



  6. Go back to the Certificate and Key Management page, click the Export to a Keystore button, enter the Keystore Password, then save it to your local machine.



Creating a connected app

  1. Under Build, click Create > Apps.

  2. Scroll down to the Connected Apps section, then click the New button.

  3. Fill in the required fields (those with i iicon.png icon), upload the certificate file that you created in the Creating a self-signed certificate section of this article, then select OAuth Scopes to grant access.

  4. Select the necessary check boxes, as shown below. Click Save.



  5. Notice that creating the Connected App generates the Consumer Key and the Consumer Secret.



Integrate Talend to Salesforce


Creating the Salesforce OAuth 2.0 JWT flow connection

  1. Launch Talend Studio.

  2. Expand Metadata.

  3. Right-click Salesforce, then select Salesforce Connection.

  4. In the Salesforce Connection Settings, select Connection type in the drop-down list, then select OAuth.

  5. Complete the fields in the Salesforce Connection Settings window using your connection information (an * means the information is required).

    • Issuer: Consumer Key in the Connected App

    • Subject: Salesforce login username

    • Audience: Salesforce Org URL

    • Key store: Java Keystore (JKS) file that exported during the creation of the self-signed certificate

    • Key store password: password phrase given during the Java Keystore export

    • Certificate alias: unique name of the self-signed certificate given during the certificate creation



  6. Click the Advanced..., enter your Salesforce Org OAuth 2 URL, then click OK.

  7. Click Test connection to test the connection.

  8. Click Next, then choose the object that you want to use so that it will retrieve that object schema (for example, opportunity).


Creating a test Job to retrieve data from Salesforce object

  1. Using the Salesforce OAuth 2 you created in the Creating the Salesforce OAuth 2.0 JWT flow connection section of this article, drag and drop the Salesforce connection from Metadata to the Studio canvas.



  2. To retrieve data in bulk, select Bulk in the Query Mode drop-down list. Click Advanced settings, check the Enable PK Chunking check box, then enter the Chunk size.



  3. Add a tFileOutputDelimited component to write data to the output file.



  4. Test the Job output.



  5. Review the Salesforce data output file.


Version history
Revision #:
20 of 20
Last update:
‎12-04-2019 09:03 AM
Updated by: