Salesforce OAuth JWT connection in MuleSoft

  • July 14, 2022

Let’s create a Salesforce OAuth JWT connection in MuleSoft:

  1. Log in to your Salesforce account
  2. Go to Setup
  3. Go to Certificate -> Key Management (you can search in Quick Find on the left side)
  4. Click Create Self-Signed Certificate
  5. Enter a unique label name
  6. Click Save 
  7. Download the certificate 
  8. Return to Certificate -> Key Management and click “Export to Keystore” to download the keystore file 
  9. Enter a Keystore password and save it for later use 
  10. Go to Apps -> App Manager -> New Connected App 
  11. Set a Connected App Name and Contact Email in the Basic Information section 
  12. Select the Enable OAuth Settings check box 
  13. Set up the Callback URL 
  14. Select the Use Digital Signatures check box and upload the previously downloaded certificate
  15. Add the Selected Oauth Scopes 
    1. Manage user data via APIs (api) 
    2. Perform requests at any time (refresh_token,offline_access) 
    3. Manage user data via web browsers (web)
  16. Save the Connected App
  17. Write down the consumer key 
  18. Go to Manage -> Edit Policies 
  19. Change Permitted Users to Admin Approved Users are Pre-authorized and select OK to the pop-up notification and click Save 
  20. Go to App Manager, select the connected app you created from the list, use the drop-down arrow at the right-most side of the connected app and select Manage 
  21. Go to Manage Profiles, add the required profiles and click Save 
  22. Go to Anypoint Studio 
    1. In the Salesforce Config Tab, select OAuth JWT as the connection
    2. Add the required configuration details:
      1. Consumer key of your created app
      2. Path to the Keystore file you downloaded
      3. Keystore password you created
      4. Email ID you specified while creating the app

The token endpoint should be:

  • For a trial/production account: https://login.salesforce.com/services/oauth2/token
  • For a sandbox account: https://test.salesforce.com/services/oauth2/token

— By Prathamesh Bhandwalkar