Cannot create appflow connector profile from AWS CLI

0

I am trying to create a connector profile to create a connection with Salesforce for Appflow flows using this doc: https://docs.aws.amazon.com/appflow/latest/userguide/salesforce.html#salesforce-global-connected-app

Using the above aws doc, I tried to create a connector profile using the AWS CLI.

I am using the below input:

{
  "connectorProfileName": "<connector name>",
  "connectorType": "Salesforce",
  "connectionMode": "Public",
  "connectorProfileConfig": {
      "connectorProfileProperties": { 
          "Salesforce": { 
              "instanceUrl": "https://<instance>.salesforce.com",
              "isSandboxEnvironment": true
          }
      },
      "connectorProfileCredentials": { 
          "Salesforce": { 
              "accessToken": "<access token>",
              "refreshToken": "<refresh token>",
              "clientCredentialsArn": "arn:aws:secretsmanager:us-west-2:<aws account>:secret:<secret name>",
              "oAuthRequest": {
                "authCode": "<code>",
                "redirectUri": "https://test.salesforce.com/"
              }
          }
      }
  }
}

The response body I get is: {"message":"Client Error in the service"}

As you can see, the response is not very helpful, so I do not know where I am going wrong.

Did I forget a field in the request payload? Did I input incorrect values? I simply do not know and hope someone can point me in the right direction.

I am aware of the ability to create this kind of profile through the console but it does not satisfy our use case.

2 Answers
0

Make sure you are using the latest version of AWS CLI.

AWS
Expert
kentrad
answered 2 years ago
0

Hi there,

From the documentation, follow the steps to create a Secrets Manager secret with clientId and clientSecret and encrypt it using a KMS key, which has permission attached to be accessed by AppFlow. (You can skip this step if it is already configured.)

There are two methods to create a connector profile in Salesforce.

Method 1: With authCode

{
  "connectorProfileName": "<connector name>",
  "connectorType": "Salesforce",
  "connectionMode": "Public",
  "connectorProfileConfig": {
      "connectorProfileProperties": { 
          "Salesforce": { 
              "instanceUrl": "InstanceURL",
              "isSandboxEnvironment": true
          }
      },
      "connectorProfileCredentials": { 
          "Salesforce": {
              "clientCredentialsArn": "arn:aws:secretsmanager:{Region}:{Account-Id}:secret:{SecretKey}",
              "oAuthRequest": {
                "authCode": "<AuthCode>",
                "redirectUri": "<RedirectUri>"
              }
          }
      }
  }
}

Method 2: Without AuthCode

{
  "connectorProfileName": "<connector name>",
  "connectorType": "Salesforce",
  "connectionMode": "Public",
  "connectorProfileConfig": {
      "connectorProfileProperties": { 
          "Salesforce": { 
              "instanceUrl": "InstanceURL",
              "isSandboxEnvironment": true
          }
      },
      "connectorProfileCredentials": { 
          "Salesforce": { 
              "accessToken": "<AccessToken>",
              "refreshToken": "<RefreshToken>"
          }
      }
  }
}

How to generate authCode?

Auth code can be generated using URL: https://<DOMAIN>/services/oauth2/authorize?response_type=code&client_id=<CONSUMER_KEY>&redirect_uri=<Redirect_Url>

NOTE:

  1. <DOMAIN_URL> and <CONSUMER_KEY> can be viewed in Salesforce "My Domain" and "Manage Connected Apps" respectively.
  2. redirect_uri = Callback URL configured in your Salesforce Connected App

The generated authCode can be used to create the connector profile using Method 1.

How to generate AccessToken and RefreshToken?

Once you get the AuthCode from the previous step, accessToken and refreshToken can be generated using the method below:

$ curl --location --request POST 'https://login.salesforce.com/services/oauth2/token?code=<authcode>&grant_type=authorization_code&client_id=<CONSUMER_KEY>&client_secret=<CONSUMER_SECRET>&redirect_uri=<redirectURI>' 

Sample Output:

{ "access_token": "XXXXX", "refresh_token": "XXXXX", "signature": "XXXXX", "scope": "refresh_token SOMETHING", "id_token": "XXXXX", "instance_url": "InstanceURL", "id": "https://login.salesforce.com/id/XXXXX/XXXXX ", "token_type": "Bearer", "issued_at": "XXXXX" }

access_token and refresh_token can be used to create the connector profile using Method 2.

AWS
Support Engineer
answered 2 years ago
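The token steps and the Method 2 request body from the answer above, as an added example (not code from the answer or from AWS): it sends the token-exchange parameters in the POST body rather than in the query string the curl command uses. The function names, the `login_host` parameter and the sample values are assumptions made for this illustration.

```python
import json
import urllib.parse
import urllib.request


def authorize_url(domain, consumer_key, redirect_uri):
    """Browser URL that yields the auth code; query values are URL-encoded."""
    query = urllib.parse.urlencode({"response_type": "code",
                                    "client_id": consumer_key,
                                    "redirect_uri": redirect_uri})
    return f"https://{domain}/services/oauth2/authorize?{query}"


def token_request(auth_code, consumer_key, consumer_secret, redirect_uri,
                  login_host="login.salesforce.com"):
    """Token exchange as a form-encoded POST: the secret stays out of the URL."""
    body = urllib.parse.urlencode({"grant_type": "authorization_code",
                                   "code": auth_code,
                                   "client_id": consumer_key,
                                   "client_secret": consumer_secret,
                                   "redirect_uri": redirect_uri}).encode()
    return urllib.request.Request(
        f"https://{login_host}/services/oauth2/token", data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def method2_profile(name, token_response, is_sandbox):
    """Map the token endpoint's JSON onto the Method 2 request body."""
    missing = [k for k in ("access_token", "refresh_token", "instance_url")
               if not token_response.get(k)]
    if missing:  # e.g. a response that carries no refresh_token
        raise ValueError(f"token response lacks: {', '.join(missing)}")
    return {
        "connectorProfileName": name,
        "connectorType": "Salesforce", "connectionMode": "Public",
        "connectorProfileConfig": {
            "connectorProfileProperties": {"Salesforce": {
                "instanceUrl": token_response["instance_url"],
                "isSandboxEnvironment": is_sandbox}},
            "connectorProfileCredentials": {"Salesforce": {
                "accessToken": token_response["access_token"],
                "refreshToken": token_response["refresh_token"]}}}}


if __name__ == "__main__":
    # Constructed sample; a real response comes from urlopen(token_request(...)).
    sample = {"access_token": "AT-example", "refresh_token": "RT-example",
              "instance_url": "https://example.my.salesforce.com"}
    print(json.dumps(method2_profile("example-profile", sample, True), indent=2))
```

Write the resulting JSON to a file readable only by you and pass it with `aws appflow create-connector-profile --cli-input-json file://<path>`.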
