Salesforce 3rd Party OAuth Setup

This article explains how to configure OAuth for use in Matillion ETL via both the Salesforce Classic and Salesforce Lightning experiences.

Salesforce Classic and Salesforce Lightning Experience

To connect to your Salesforce or data, Matillion ETL requires a configured OAuth. However, before you can configure OAuth in Matillion, you need to first set up the OAuth via your Salesforce account.

Note: Your Matillion instance must be using a secure connection (that is to say, HTTPS rather than HTTP) to work with Salesforce.

Second Note: The Salesforce user must have permission to manage the connected apps. For more information, we advise that you refer to the Salesforce documentation on User Permissions and Access and Creating Connected Apps.

Using our instructions and referencing our below screenshots, you can set up your Salesforce OAuth for use in Matillion.


Setting Up OAuth

OAuths can be set up within Matillion ETL from Project → Manage OAuth. When adding a new Salesforce OAuth, users must choose whether this OAuth will pertain to a regular or a sandbox Salesforce account. The Client ID and Client Secret MUST come from that same account and you cannot connect to a sandbox account using the details of a regular account and vice-versa.


To find the details you require (Client ID and Client Secret) being by logging into your Salesforce account. for regular accounts. for sandbox accounts.

If using Salesforce Classic

1. Once you have logged in, click on Setup in the top right, as highlighted in the below screenshot.

2. Then, you need to click on Manage Apps, as highlighted in the next screenshot. It's in the "App" column of the "Quick Links" section of the interface.

3. Now that you're in the "Apps" page, you need to navigate down the page to the section labelled "Connected Apps". From here, as in the next screenshot, click on New.

If using Lightning Experience

1. If you are using Lightning Experience; once you log in to Salesforce and click Setup, navigate to the "Quick Find" search bar in the top left of the window.

2. Now enter "App" in this search bar, and then select App Manager | New Connected App.

3. The Salesforce documentation provides additional information on how to create a new connected app.

On both Classic and Lightning Experience

4. On the very next page, you'll need to complete the setup form for your new connected app. First, fill out the Basic Information fields. Enter a name that will be displayed to users upon logging in. The API Name will automatically mirror the Connected App Name, as with our below example. Next, add a contact email; you can also (if you wish) provide a contact number and other embellishments, including a description.

5. In the next section, "API (Enable OAuth Settings)", the first thing you need to do is click on the Enable Oauth Settings box. Once this box is ticked, more actionable settings become available.

From here, you need to provide a callback URL, for example:

Remember, the URL must be a secure (HTTPS) and resolvable domain, not HTTP.

6. Once you've done that, you need to add the following Selected OAuth Scopes (you might need to add other scopes if they are particularly relevant to your use case):

  • Access and manage your data (api)
  • Perform requests on your behalf at any time (refresh_token, offline_access)
  • Provide access to your data via the Web (web)
Note: If you are having trouble connecting to Salesforce (such as receiving an Error: 400 from your Salesforce component) it may help to include the Full Access (Full) scope. This is, however, not recommended and is a last resort.

7. Now click the box for Require Secret for Web Server Flow.

Click image to enlarge

8. Then, click Save at the bottom of the page.

You will then be taken to a page like the next screenshot. Simply click Continue.

9. Finally you are taken to the details page of your new connected app. In the below image, the left arrow points to where you can find your Consumer Key, which acts as your "Client Key" within Matillion ETL. On the right side of this page, the arrow directs you to the Consumer Secret. This acts as your "Client Secret" within Matillion ETL. Click on the text to reveal the secret.

Click image to enlarge

You now have all the details required to set up OAuth in Matillion ETL and finish the configuration inside Matillion ETL.

For help configuring the additional parameters of the Salesforce Query component, click here or select the Help tab in the Matillion ETL client while using the component.