You can now use the Salesforce source when running Adobe Experience Platform on Amazon Web Services (AWS). Experience Platform running on AWS is currently available to a limited number of customers. To learn more about the supported Experience Platform infrastructure, see the Experience Platform multi-cloud overview.
Adobe Experience Platform allows data to be ingested from external sources while providing you with the ability to structure, label, and enhance incoming data using Platform services. You can ingest data from a variety of sources such as Adobe applications, cloud-based storage, databases, and many others.
Experience Platform provides support for ingesting data from a third-party CRM system. Support for CRM providers include Salesforce.
Follow the steps below to learn how you can set up your Salesforce account for Experience Platform on Azure.
A list of IP addresses must be added to an allow list prior to working with source connectors. Failing to add your region-specific IP addresses to your allow list may lead to errors or non-performance when using sources. See the IP address allow list page for more information.
To establish a source connection between Salesforce and Platform, the Salesforce source data fields must be mapped to their appropriate target XDM fields prior to being ingested into Platform.
See the following for detailed information on the field mapping rules between Salesforce datasets and Platform:
To use the Salesforce source as part of B2B-CDP, you must first set up a Postman utility to auto-generate your Salesforce namespaces and schemas. The following documentation provides additional information on setting up the Postman utility:
With a Platform developer console and Postman set up, you can now start applying the appropriate environment values to your Postman environment.
The following table contains example values as well as additional information on populating your Postman environment:
Variable | Description | Example |
---|---|---|
CLIENT_SECRET |
A unique identifier used to generate your {ACCESS_TOKEN} . See the tutorial on authenticating and accessing Experience Platform APIs for information on how to retrieve your {CLIENT_SECRET} . |
{CLIENT_SECRET} |
JWT_TOKEN |
The JSON Web Token (JWT) is an authentication credential used to generate your {ACCESS_TOKEN}. See the tutorial on authenticating and accessing Experience Platform APIs for information on how to generate your {JWT_TOKEN} . |
{JWT_TOKEN} |
API_KEY |
A unique identifier used to authenticate calls to Experience Platform APIs. See the tutorial on authenticating and accessing Experience Platform APIs for information on how to retrieve your {API_KEY} . |
c8d9a2f5c1e03789bd22e8efdd1bdc1b |
ACCESS_TOKEN |
The authorization token required to complete calls to Experience Platform APIs. See the tutorial on authenticating and accessing Experience Platform APIs for information on how to retrieve your {ACCESS_TOKEN} . |
Bearer {ACCESS_TOKEN} |
META_SCOPE |
With regards to Marketo, this value is fixed and is alway set to: ent_dataservices_sdk . |
ent_dataservices_sdk |
CONTAINER_ID |
The global container holds all standard Adobe and Experience Platform partner provided classes, schema field groups, data types, and schemas. With regards to Marketo, this value is fixed and is always set to global . |
global |
PRIVATE_KEY |
A credential used to authenticate your Postman instance to Experience Platform APIs. See the tutorial on setting up developer console and setting up developer console and Postman for instructions on how to retrieve your {PRIVATE_KEY}. | {PRIVATE_KEY} |
TECHNICAL_ACCOUNT_ID |
A credential used to integrate to Adobe I/O. | D42AEVJZTTJC6LZADUBVPA15@techacct.adobe.com |
IMS |
The Identity Management System (IMS) provides the framework for authentication to Adobe services. With regards to Marketo, this value is fixed and is always set to: ims-na1.adobelogin.com . |
ims-na1.adobelogin.com |
IMS_ORG |
A corporate entity that can own or license products and services and allow access to its members. See the tutorial on setting up developer console and Postman for instructions on how to retrieve your {ORG_ID} information. |
ABCEH0D9KX6A7WA7ATQE0TE@adobeOrg |
SANDBOX_NAME |
The name of the virtual sandbox partition that you are using. | prod |
TENANT_ID |
An ID used to ensure that the resources you create are namespaced properly and are contained within your organization. | b2bcdpproductiontest |
PLATFORM_URL |
The URL endpoint that you are making API calls to. This value is fixed and is always set to: http://platform.adobe.io/ . |
http://platform.adobe.io/ |
munchkinId |
The unique ID for your Marketo account. See the tutorial on authenticating your Marketo instance for information on how to retrieve your munchkinId . |
123-ABC-456 |
sfdc_org_id |
The organization ID for your Salesforce account. See the following Salesforce guide for more information on acquiring your Salesforce organization ID. | 00D4W000000FgYJUA0 |
has_abm |
A boolean value that indicates if you are subscribed to Marketo Account-Based Marketing. | false |
has_msi |
A boolean value that indicates if you are subscribed to Marketo Sales Insight. | false |
With your Postman collection and environment set up, you can now run the script through the Postman interface.
In the Postman interface, select the root folder of the auto-generator utility and then select Run from the top header.
The Runner interface appears. From here, ensure that all the checkboxes are selected and then select Run Namespaces and Schemas Autogeneration Utility.
A successful request creates the B2B namespaces and schemas according to beta specifications.
This section applies to implementations of Experience Platform running on Amazon Web Services (AWS). Experience Platform running on AWS is currently available to a limited number of customers. To learn more about the supported Experience Platform infrastructure, see the Experience Platform multi-cloud overview.
Follow the steps below to learn how you can set up your Salesforce account for Experience Platform on Amazon Web Services (AWS).
To connect your Salesforce account to Experience Platform in an AWS region, you must have the following:
You must also add the following IP addresses to your allowlist, in order to connect your Salesforce account to Experience Platform on Amazon Web Services (AWS):
34.193.63.59
44.217.93.240
44.194.79.229
First, use the following to create certificate/key-pair of PEM files.
openssl req -newkey rsa:4096 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
https://localhost
.Add the following permissions:
Once your permissions are added, ensure that you enable the box for Issue JSON Web Token (JWT)-based access tokens for named user.
Next, select Save, Continue, and then Manage Customer Details. Use the consumer details panel to retrieve the following:
Follow the steps below to get authorization to use the Connected App:
Follow the steps below to generate your JWT bearer token.
To generate your JWT bearer token, you must first use the following command to convert your certificate/key-pair into pkcs12 format. During this step, you must also set an export password when prompted.
openssl pkcs12 -export -in cert.pem -inkey key.pem -name jwtcert >jwtcert.p12
Next, use the following command to create a java keystore based on the pkcs12 that you just generated. During this step, you must also a set a destination keystore password when prompted. Additionally, you must provide the previous export password as your source keystore password.
keytool -importkeystore -srckeystore jwtcert.p12 -destkeystore keystore.jks -srcstoretype pkcs12 -alias jwtcert
Next, use the follow command to confirm that your keystroke.jks
includes a jwtcert
alias. During this step, you will be prompted to provide the destination keystore password that was generated in the previous step.
keytool -keystore keystore.jks -list
Finally, use the java class JWTExample below to generate your signed token.
package org.example;
import org.apache.commons.codec.binary.Base64;
import java.io.*;
import java.security.*;
import java.text.MessageFormat;
public class Main {
public static void main(String[] args) {
String header = "{\"alg\":\"RS256\"}";
String claimTemplate = "'{'\"iss\": \"{0}\", \"sub\": \"{1}\", \"aud\": \"{2}\", \"exp\": \"{3}\"'}'";
try {
StringBuffer token = new StringBuffer();
//Encode the JWT Header and add it to our string to sign
token.append(Base64.encodeBase64URLSafeString(header.getBytes("UTF-8")));
//Separate with a period
token.append(".");
//Create the JWT Claims Object
String[] claimArray = new String[5];
claimArray[0] = "{CLIENT_ID}";
claimArray[1] = "{AUTHORIZED_SALESFORCE_USERNAME}";
claimArray[2] = "{SALESFORCE_LOGIN_URL}";
claimArray[3] = Long.toString((System.currentTimeMillis() / 1000) + 2629746*4);
MessageFormat claims;
claims = new MessageFormat(claimTemplate);
String payload = claims.format(claimArray);
//Add the encoded claims object
token.append(Base64.encodeBase64URLSafeString(payload.getBytes("UTF-8")));
//Load the private key from a keystore
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(new FileInputStream("path/to/keystore"), "keystorepassword".toCharArray());
PrivateKey privateKey = (PrivateKey) keystore.getKey("jwtcert", "privatekeypassword".toCharArray());
//Sign the JWT Header + "." + JWT Claims Object
Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(privateKey);
signature.update(token.toString().getBytes("UTF-8"));
String signedPayload = Base64.encodeBase64URLSafeString(signature.sign());
//Separate with a period
token.append(".");
//Add the encoded signature
token.append(signedPayload);
System.out.println(token.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
}
Property | Configurations |
---|---|
claimArray[0] |
Update claimArray[0] with your client ID. |
claimArray[1] |
Update claimArray[1] with the Salesforce username that is authorized against the app. |
claimArray[2] |
Update claimArray[2] with your Salesforce login URL. |
claimArray[3] |
Update claimArray[3] with an expiration date formatted in milliseconds since epoch time. For example 3660624000000 is 12-31-2085. |
/path/to/keystore |
Replace /path/to/keystore with the correct path to your keystore.jks |
keystorepassword |
Replace keystorepassword with your destination keystore password. |
privatekeypassword |
Replace privatekeypassword with your source keystore password. |
Once you have completed prerequisite set up for your Salesforce account, you can proceed to connect your Salesforce account to Experience Platform and ingest your CRM data. Read the documentation below for more information:
The documentation below provides information on how to connect Salesforce to Platform using APIs or the user interface: