Configure Salesforce Authentification in the Mavenoid Assistant Builder

Question

Accepted Answer

The Custom JavaScript action can be used to set up Salesforce authentication within the Mavenoid Assistant Builder. This allows you to retrieve an access token and interact with Salesforce's REST APIs. While Salesforce supports multiple authentication methods, we recommend using the OAuth 2.0 Refresh Token Flow for Renewed Sessions.

Prerequisites

To complete this setup, you'll need:

Admin permissions in Mavenoid to connect Mavenoid and Salesforce.
A Salesforce Integrations User with access to the required resources. For information on how to set up the Salesforce Integrations User, refer to our guide Creating a Salesforce Integration User (API-only User).
A Connected App in Salesforce configured for the OAuth 2.0 Client Credentials Flow. For information on how to set up the connected app, refer to our guide Configure a Connected App for OAuth 2.0

Gather Required Credentials

Before configuring the authentication flow, collect the following information:

Your Salesforce domain hostname (https://{YOUR_SALESFORCE_DOMAIN}.my.salesforce.com)
Username and password for the Salesforce Integrations User
Consumer Key and Secret from your Connected App

You can either send this information to your Mavenoid representative for assistance, or continue with the steps below to set it up yourself.

Configure Authentication Flow

The authentication flow uses the OAuth 2.0 Refresh Token Flow. To use this, you must first complete the OAuth 2.0 Web Server Flow to obtain a refresh token.

Step 1: Get a Salesforce Refresh Token

Authorize the Integration User:
- Visit the following URL in your browser: https://YOUR_SALESFORCE_DOMAIN.my.salesforce.com/services/oauth2/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_CALLBACK_URL&response_type=code
- Log in with the Salesforce Integrations User credentials.
- After logging in, Salesforce will redirect you to the callback URL with an authorization code in the query string: ?code={authorization_code}
Exchange Authorization Code for Refresh Token:
- Make a POST request to the Salesforce token endpoint:
  - Production: https://login.salesforce.com/services/oauth2/token
  - Sandbox: https://test.salesforce.com/services/oauth2/token
  - Or use: https://{YOUR_SALESFORCE_HOSTNAME}/services/oauth2/token depending on your Salesforce setup
- Include the following URL-encoded parameters in the request body:
  - grant_type: authorization_code
  - redirect_uri: {YOUR_CALLBACK_URL}
  - client_id: {YOUR_CONSUMER_KEY}
  - client_secret: {YOUR_CONSUMER_SECRET}
  - code: {YOUR_AUTHORIZATION_CODE}

Step 2: Configure the Authentication Flow in Mavenoid

Add Secrets in Mavenoid Add the required secrets to Mavenoid. See Understand secrets in Mavenoid for more details.
- Consumer Key
  - Name: client_id
  - Value: {YOUR_CLIENT_ID}
- Refresh Token
  - Name: refresh_token
  - Value: {YOUR_REFRESH_TOKEN}
Configure the Access Token Request Add a Custom JavaScript action in the Assistant Builder to retrieve the access token by making a POST request to Salesforce.
- Token endpoint:
  - Production: https://login.salesforce.com/services/oauth2/token
  - Sandbox: https://test.salesforce.com/services/oauth2/token
  - Or use: https://{YOUR_SALESFORCE_HOSTNAME}/services/oauth2/token depending on your Salesforce setup
Use the code templates at the end of this article to help configure this request.
Use the Access Token Once retrieved, the access token can be used in subsequent steps to interact with Salesforce APIs. See our guide Managing Records with Salesforce REST API for more information on how to use it.

((( Code Template to Get Access Token

Copy-friendly code

export async function run(
  formData: Record,
  secrets: Record,
) {
  const res = await fetch(`https://login.salesforce.com/services/oauth2/token`,
    {
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded",
      },
      body: JSON.stringify({
        grant_type: "refresh_token",
        client_id: secrets["client_id"],
        refresh_token: secrets["refresh_token"],
      }),
    }
  );
  if (!res.ok) {
    const error = await res.text();
    return { error };
  }
  const data = await res.json();
  return {
    access_token: data["access_token"],
  };
}

)))

Integrations & Actions