Salesforce connector
The Salesforce connector communicates with the Salesforce REST API to query and retrieve data from your Salesforce org. It supports SOQL queries, SOSL full-text search, fetching records by ID, listing records for standard and custom objects, retrieving sobject metadata (describe), and downloading file content from ContentVersion records.
You can create connectors in Stack Management > Connectors.
Salesforce connectors use OAuth 2.0 Client Credentials and have the following configuration properties:
- Token URL
- The OAuth 2.0 token endpoint for your Salesforce instance. The value is your domain name plus
/services/oauth2/token. Examples:https://login.salesforce.com/services/oauth2/token(production),https://test.salesforce.com/services/oauth2/token(sandbox), orhttps://yourcompany.my.salesforce.com/services/oauth2/token(My Domain). - Client ID
- The Consumer Key from your Salesforce Connected App.
- Client Secret
- The Consumer Secret from your Salesforce Connected App.
The connector uses the token URL to both obtain an access token and derive the instance base URL for API calls.
You can test connectors as you're creating or editing the connector in Kibana. The test verifies connectivity by running a simple SOQL query (SELECT Id FROM User LIMIT 1).
The Salesforce connector has the following actions:
- Query
-
Run a SOQL query against Salesforce. Returns query results; for large result sets, the response may include
nextRecordsUrlfor pagination.- soql (required): A valid SOQL query string (for example,
SELECT Id, Name FROM Account LIMIT 10). - nextRecordsUrl (optional): URL from a previous response to fetch the next page of results.
- soql (required): A valid SOQL query string (for example,
- Search
-
Run a SOSL full-text search across one or more sobjects. Only searches objects you list in returning; custom objects must have "Allow Search" enabled. Results are capped at about 2000. Use describe or list objects first to discover valid object names.
- searchTerm (required): Text to search for (for example,
Acme CorporQ4 renewal). - returning (required): Comma-separated sobject API names to search (for example,
Account,Contact,Opportunity). - nextRecordsUrl (optional): URL from a previous response to fetch the next page of search results.
- searchTerm (required): Text to search for (for example,
- Get record
-
Retrieve a single record by object type and record ID.
- sobjectName (required): The API name of the sobject (for example,
Account,Contact,Lead). - recordId (required): The 18-character record ID.
- sobjectName (required): The API name of the sobject (for example,
- List records
-
List records for a Salesforce sobject. Returns a page of record IDs; use
nextRecordsUrlfrom the response to fetch the next page.- sobjectName (required): The API name of the sobject (for example,
Account,Contact). - limit (optional): Maximum number of records to return. Default is 50; maximum is 2000.
- nextRecordsUrl (optional): URL from a previous response to fetch the next page of results.
- sobjectName (required): The API name of the sobject (for example,
- Describe
-
Get metadata for an sobject (fields, layout, and other describe information). Use this to discover field names and types before building SOQL queries or mapping data.
- sobjectName (required): The API name of the sobject (for example,
Account,Contact,MyObject__c).
- sobjectName (required): The API name of the sobject (for example,
- Download file
-
Download file content from a ContentVersion record. Returns the file as base64 and the content-type header when present.
- contentVersionId (required): The ContentVersion record Id (from a SOQL query or related record).
Use the Action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings to set per-host configurations.
To use the Salesforce connector, you need a Connected App with OAuth 2.0 Client Credentials (or similar) enabled:
- Log in to Salesforce and open Setup.
- In the Quick Find box, search for App Manager and open it.
- Click New Connected App.
- Enable Enable OAuth Settings.
- Under OAuth and OpenID Connect Settings:
- Add a Callback URL (required by Salesforce; the connector uses the client credentials flow).
- Under Selected OAuth Scopes, add at least: Access and manage your data (api), Perform requests at any time (refresh_token, offline_access), and Provide access to your data via the Web (web) as needed for your use case.
- Enable Enable Client Credentials Flow if your org supports it (required for server-to-server integration).
- Save the app. Wait a few minutes for the app to be activated, then click Manage Consumer Details and verify or set the Consumer Key (Client ID) and Consumer Secret (Client Secret).
- Use the Consumer Key as Client ID and Consumer Secret as Client Secret when creating the connector in Kibana.
- For Token URL, use the formula domain name +
/services/oauth2/token:- Production:
https://login.salesforce.com+/services/oauth2/token→https://login.salesforce.com/services/oauth2/token - Sandbox:
https://test.salesforce.com+/services/oauth2/token→https://test.salesforce.com/services/oauth2/token - My Domain:
https://yourcompany.my.salesforce.com+/services/oauth2/token→https://yourcompany.my.salesforce.com/services/oauth2/token
- Production: