locked
Custom Connector for Salesforce RRS feed

  • Question

  • Team,

    I am trying to create a custom Salesforce Logic Apps Custom Connector but I am stuck at the OAuth Security screen illustrated at the end of this post.  I do not know how to populate the Client ID and Client Secret fields because this information is not available in Salesforce - only the creator of the Connected App has access to this information and the creator of the app is Logic Apps.  Does anyone know what to do next?

    Thursday, September 20, 2018 12:46 PM

Answers

  • Thanks Mohamed!

    I've figured out my problem:

    1. I forgot to select "HTTPS" on the first screen of the custom connector; and
    2. I set the scope access inside Salesforce to "Full access (full)".  The solution is to just give access to all scopes otherwise you'll get an "OAUTH_APPROVAL_ERROR_GENERIC" error.

    For anyone reading this, do not try to use the auto-generated Connected App made by Azure called "Azure_Logic_Apps". Even after installing it inside Salesforce, you will not be able to view the clientId or secret. This is where I got hung up.  You must create your own Connected App as follows:

    1. Navigate to "App Manager" inside Salesforce
    2. Create a "New Connected App" (top right in lightning)
    3. Enter in appropriate "Connected App Name", "API Name", "Contacted Email" details.
    4. I click "Enable OAuth Settings" and set the "Call URL" as "https://logic-apis-canadacentral.consent.azure-apim.net/redirect" and set the "Selected OAuth Scopes" to EVERYTHING (remove these later one-by-one using the process of elimination, if required).
    5. Click Save.
    6. Click "View" for this App under "App Manager" and feed the clientId and secret into the Azure custom API.  Be sure to set it to HTTPS

    That's it for Salesforce. The rest is up to you to do in the Azure Custom API.  Doing the above steps allowed me to authorize the Custom API inside Azure. I'm still experiencing other issues with my custom API but I assume it's not related to this thread.




    Monday, September 24, 2018 1:18 PM

All replies

  • Hi,

    Client Id and Client Secret can be get under the Sales-force Account,

    here is the path details,

    Setup > App Manager > Down Arrow next to app name > View > look under 'API (Enable OAuth Settings)

    HTH


    Hope this Helps!!!! Regards, Note: Please Mark As Answered if you satisfy with Reply.

    Thursday, September 20, 2018 2:31 PM
  • Well, I deleted the existing connection and made a new one.  The new issue is that every time I enter in the login URL of https://test.salesforce.com, Azure overwrites it with https://login.salesforce.com which is incorrect.  This API connection is for a sandbox instance, not production.  Any idea on how to fix this?
    • Edited by Simon Nuss Friday, September 21, 2018 6:36 PM
    Friday, September 21, 2018 6:35 PM
  • Hi Simon,

    I simulated this issue. Yes, the URL automatically changes to login.salesforce.com in the edit Custom Adapter screen. But, it actually points to test.salesforce.com only.

    You can confirm this by looking at the automation script blade shown below. Further, when you open the logic app and try to create a new connection to the custom adapter, you will be shown the login page of test.salesforce.com.

    So it is safe to ignore this issue as the change works as expected. 

    Thanking you,

    Mohamed Ibrahim


    Saturday, September 22, 2018 1:15 PM
  • Thanks Mohamed!

    I've figured out my problem:

    1. I forgot to select "HTTPS" on the first screen of the custom connector; and
    2. I set the scope access inside Salesforce to "Full access (full)".  The solution is to just give access to all scopes otherwise you'll get an "OAUTH_APPROVAL_ERROR_GENERIC" error.

    For anyone reading this, do not try to use the auto-generated Connected App made by Azure called "Azure_Logic_Apps". Even after installing it inside Salesforce, you will not be able to view the clientId or secret. This is where I got hung up.  You must create your own Connected App as follows:

    1. Navigate to "App Manager" inside Salesforce
    2. Create a "New Connected App" (top right in lightning)
    3. Enter in appropriate "Connected App Name", "API Name", "Contacted Email" details.
    4. I click "Enable OAuth Settings" and set the "Call URL" as "https://logic-apis-canadacentral.consent.azure-apim.net/redirect" and set the "Selected OAuth Scopes" to EVERYTHING (remove these later one-by-one using the process of elimination, if required).
    5. Click Save.
    6. Click "View" for this App under "App Manager" and feed the clientId and secret into the Azure custom API.  Be sure to set it to HTTPS

    That's it for Salesforce. The rest is up to you to do in the Azure Custom API.  Doing the above steps allowed me to authorize the Custom API inside Azure. I'm still experiencing other issues with my custom API but I assume it's not related to this thread.




    Monday, September 24, 2018 1:18 PM
  • Hi Simon,

    That's correct. You can also try using the client id and client password in POSTMAN to get a token which you can later pass in the authorization header while sending a request to any object such as /sobject/account/<<place the identifier>>.

    When you choose OAUTH authentication while configuring a custom connector, you still need to authenticate the connector manually only i.e using browser. While doing so, you can capture the request sequence in Fiddler to know exactly what set of values should be set in the scope. I can provide you later if you couldn't run fiddler in your environment.

    If this helps, mark as answer.

    Thanking you,

    Mohamed Ibrahim


    Monday, September 24, 2018 2:00 PM