Cannot create appflow connector profile from AWS CLI

0

I am trying to create a connector profile to create a connection with Salesforce for Appflow flows using this doc: https://docs.aws.amazon.com/appflow/latest/userguide/salesforce.html#salesforce-global-connected-app

Using the above aws doc, I tried to create a connector profile using the AWS CLI.

I am using the below input:

{
  "connectorProfileName": "<connector name>",
  "connectorType": "Salesforce",
  "connectionMode": "Public",
  "connectorProfileConfig": {
      "connectorProfileProperties": { 
          "Salesforce": { 
              "instanceUrl": "https://<instance>.salesforce.com",
              "isSandboxEnvironment": true
          }
      },
      "connectorProfileCredentials": { 
          "Salesforce": { 
              "accessToken": "<access token>",
              "refreshToken": "<refresh token>",
              "clientCredentialsArn": "arn:aws:secretsmanager:us-west-2:<aws account>:secret:<secret name>",
              "oAuthRequest": {
                "authCode": "<code>",
                "redirectUri": "https://test.salesforce.com/"
              }
          }
      }
  }
}

The response body I get is: {"message":"Client Error in the service"}

As you can see, the response is not very helpful, so I do not know where I am going wrong.

Did I forget a field in the request payload? Did I input incorrect values? I simply do not know and hope someone can lead me in the right direction.

I am aware of the ability to create this kind of profile through the console but it does not satisfy our use case.

alduiin
asked 2 years ago, 321 views
2 Answers
0

Make sure you are using the latest version of AWS CLI.

AWS
EXPERT
kentrad
answered 2 years ago
0

Hi there,

From the documentation, follow the steps to create Secrets Manager with clientId and clientSecret and encrypt it using a KMS key, which has permission attached to be accessed by AppFlow. (You can skip this step if it is already configured.)

There are two methods to create a connector profile in Salesforce.

Method 1: With authCode

{
  "connectorProfileName": "<connector name>",
  "connectorType": "Salesforce",
  "connectionMode": "Public",
  "connectorProfileConfig": {
      "connectorProfileProperties": { 
          "Salesforce": { 
              "instanceUrl": "InstanceURL",
              "isSandboxEnvironment": true
          }
      },
      "connectorProfileCredentials": { 
          "Salesforce": {
              "clientCredentialsArn": "arn:aws:secretsmanager:{Region}:{Account-Id}:secret:{SecretKey}",
              "oAuthRequest": {
                "authCode": "<AuthCode>",
                "redirectUri": "<RedirectUri>"
              }
          }
      }
  }
}

Method 2: Without AuthCode

{
  "connectorProfileName": "<connector name>",
  "connectorType": "Salesforce",
  "connectionMode": "Public",
  "connectorProfileConfig": {
      "connectorProfileProperties": { 
          "Salesforce": { 
              "instanceUrl": "InstanceURL",
              "isSandboxEnvironment": true
          }
      },
      "connectorProfileCredentials": { 
          "Salesforce": { 
              "accessToken": "<AccessToken>",
              "refreshToken": "<RefreshToken>"
          }
      }
  }
}

How to generate authCode?

Auth code can be generated using URL: https://<DOMAIN>/services/oauth2/authorize?response_type=code&client_id=<CONSUMER_KEY>&redirect_uri=<Redirect_Url>

NOTE:

  1. <DOMAIN_URL> and <CONSUMER_KEY> can be viewed in Salesforce "My Domain" and "Manage Connected Apps" respectively.
  2. redirect_uri = Callback URL configured in your Salesforce Connected App

The generated authCode can be used to create the connector profile using Method 1.

How to generate AccessToken and RefreshToken?

Once you get the AuthCode from the previous step, accessToken and refreshToken can be generated using the method below:

$ curl --location --request POST 'https://login.salesforce.com/services/oauth2/token?code=<authcode>&grant_type=authorization_code&client_id=<CONSUMER_KEY>&client_secret=<CONSUMER_SECRET>&redirect_uri=<redirectURI>' 

Sample Output:

{
  "access_token": "XXXXX",
  "refresh_token": "XXXXX",
  "signature": "XXXXX",
  "scope": "refresh_token SOMETHING",
  "id_token": "XXXXX",
  "instance_url": "InstanceURL",
  "id": "https://login.salesforce.com/id/XXXXX/XXXXX",
  "token_type": "Bearer",
  "issued_at": "XXXXX"
}

access_token and refresh_token can be used to create the connector profile using Method 2.

AWS
SUPPORT ENGINEER
answered 2 years ago
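
An added example, not part of the answer above and not AWS or Salesforce code: it prepares the same authorization-code exchange as the curl command, but with the parameters in the POST body so the consumer secret stays out of the URL, and turns the token reply into the Method 2 input. The function names, the profile name and the sample token values are constructed for illustration.

```python
import json
import urllib.parse
import urllib.request

# Token endpoint taken from the curl command in the answer.
TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"

# Constructed sample reply, shaped like the answer's "Sample Output".
SAMPLE_TOKEN_RESPONSE = {
    "access_token": "EXAMPLE-ACCESS-TOKEN",
    "refresh_token": "EXAMPLE-REFRESH-TOKEN",
    "instance_url": "https://example.my.salesforce.com",
    "token_type": "Bearer",
}

def build_token_request(auth_code, consumer_key, consumer_secret, redirect_uri):
    """Authorization-code exchange with every parameter in the form body.

    URLs are commonly recorded in proxy and server logs, so the secret and
    the one-time code are kept out of the query string. Send the request
    with urllib.request.urlopen(req) and json.load() the reply."""
    form = urllib.parse.urlencode({
        "grant_type": "authorization_code",
        "code": auth_code,
        "client_id": consumer_key,
        "client_secret": consumer_secret,
        "redirect_uri": redirect_uri,
    }).encode("ascii")
    return urllib.request.Request(TOKEN_URL, data=form, method="POST")

def method2_profile(name, token_response, sandbox):
    """Build the Method 2 connector profile input from a token reply."""
    required = ("access_token", "refresh_token", "instance_url")
    # A reply without refresh_token cannot fill the Method 2 payload.
    missing = [k for k in required if not token_response.get(k)]
    if missing:
        raise ValueError("token response lacks: " + ", ".join(missing))
    return {
        "connectorProfileName": name,
        "connectorType": "Salesforce",
        "connectionMode": "Public",
        "connectorProfileConfig": {
            "connectorProfileProperties": {"Salesforce": {
                "instanceUrl": token_response["instance_url"],
                "isSandboxEnvironment": sandbox}},
            "connectorProfileCredentials": {"Salesforce": {
                "accessToken": token_response["access_token"],
                "refreshToken": token_response["refresh_token"]}},
        },
    }

if __name__ == "__main__":  # offline demo using the constructed reply
    print(json.dumps(method2_profile("example-profile", SAMPLE_TOKEN_RESPONSE, True), indent=2))
```

The printed JSON holds live tokens once real values are used; it can be passed to `aws appflow create-connector-profile --cli-input-json file://<file>` from a file that only the caller can read.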
