The Custom JavaScript action can be used to set up Salesforce authentication within the Mavenoid Assistant Builder. This allows you to retrieve an access token and interact with Salesforce's REST APIs. While Salesforce supports multiple authentication methods, we recommend using the OAuth 2.0 Refresh Token Flow for Renewed Sessions.
To complete this setup, you'll need:
Admin permissions in Mavenoid to connect Mavenoid and Salesforce.
A Salesforce Integrations User with access to the required resources. For information on how to set up the Salesforce Integrations User, refer to our guide Creating a Salesforce Integration User (API-only User).
A Connected App in Salesforce configured for the OAuth 2.0 Client Credentials Flow. For information on how to set up the connected app, refer to our guide Configure a Connected App for OAuth 2.0
Before configuring the authentication flow, collect the following information:
Your Salesforce domain hostname (https://{YOUR_SALESFORCE_DOMAIN}.my.salesforce.com
)
Username and password for the Salesforce Integrations User
Consumer Key and Secret from your Connected App
You can either send this information to your Mavenoid representative for assistance, or continue with the steps below to set it up yourself.
The authentication flow uses the OAuth 2.0 Refresh Token Flow. To use this, you must first complete the OAuth 2.0 Web Server Flow to obtain a refresh token.
Authorize the Integration User:
Visit the following URL in your browser:https://YOUR_SALESFORCE_DOMAIN.my.salesforce.com/services/oauth2/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_CALLBACK_URL&response_type=code
Log in with the Salesforce Integrations User credentials.
After logging in, Salesforce will redirect you to the callback URL with an authorization code in the query string:?code={authorization_code}
Exchange Authorization Code for Refresh Token:
Make a POST request to the Salesforce token endpoint:
Production: https://login.salesforce.com/services/oauth2/token
Sandbox: https://test.salesforce.com/services/oauth2/token
Or use: https://{YOUR_SALESFORCE_HOSTNAME}/services/oauth2/token
depending on your Salesforce setup
Include the following URL-encoded parameters in the request body:
grant_type: authorization_code
redirect_uri: {YOUR_CALLBACK_URL}
client_id: {YOUR_CONSUMER_KEY}
client_secret: {YOUR_CONSUMER_SECRET}
code: {YOUR_AUTHORIZATION_CODE}
Add Secrets in Mavenoid
Add the required secrets to Mavenoid. See Understand secrets in Mavenoid for more details.
Consumer Key
Name: client_id
Value: {YOUR_CLIENT_ID}
Refresh Token
Name: refresh_token
Value: {YOUR_REFRESH_TOKEN}
Configure the Access Token Request
Add a Custom JavaScript action in the Assistant Builder to retrieve the access token by making a POST request to Salesforce.
Token endpoint:
Production: https://login.salesforce.com/services/oauth2/token
Sandbox: https://test.salesforce.com/services/oauth2/token
Or use: https://{YOUR_SALESFORCE_HOSTNAME}/services/oauth2/token
depending on your Salesforce setup
Use the code templates at the end of this article to help configure this request.
Use the Access Token
Once retrieved, the access token can be used in subsequent steps to interact with Salesforce APIs. See our guide Managing Records with Salesforce REST API for more information on how to use it.
Copy-friendly code
export async function run(
formData: Record<string, any>,
secrets: Record<string, string>,
) {
const res = await fetch(`https://login.salesforce.com/services/oauth2/token`,
{
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
body: JSON.stringify({
grant_type: "refresh_token",
client_id: secrets["client_id"],
refresh_token: secrets["refresh_token"],
}),
}
);
if (!res.ok) {
const error = await res.text();
return { error };
}
const data = await res.json();
return {
access_token: data["access_token"],
};
}