Configure an OAuth Linked Service for Salesforce in Azure Data Factory

#AzureAD #Entra #AzureDataFactory

I recently received a request to update the Azure Data Factory Linked Service connector to Salesforce. When they login, they get the following warning message:

Your Data Factory has pipelines that are still utilizing the legacy connector versions. Please kindly upgrade to the latest connector version at your earliest convenience. For your reference, you can view all the relevant linked services here.

When I click on the “View all” link, I can see that there's a Linked Service with the “Salesforce (Legacy)” type listed:

This post will discuss the steps for upgrading this connector to use the modern OAuth method for authentication and how to update your Azure Data Factory flows with the new Salesforce connector.

To perform these actions, you will need at least the following permissions:

Prepare Salesforce configuration

To begin, we have to configure Salesforce to use an app for OAuth authentication.

  1. Login to Salesforce and navigate to Settings > Setup

  1. Navigate to Apps > App Manager

  1. Click “New Connected App”

  1. Select “Create an External Client App” and click the “Continue” button.

  1. I the popup, enter a name like “Azure Data Factory” and fill in the required contact information.

  1. Expand the option for “API (Enable OAuth Settings” and check the box for “Enable OAuth”.

img

  1. In the “Callback URL” field, enter both URLs:

In the OAuth Scopes section, add the following permissions to the right side:

  1. Check the box “Enable Client Credentials Flow” and accept the confirmation popup.

Once completed, click “Create”.

  1. Return to the External Client App Manager page. Click on the arrow next to your Azure Data Factory app, and click “Edit Policies”.

  1. Expand the “OAuth Policies” section.

Edit the Run As (Username) field with the login name for the Service Account in Salesforce. This Service Account should have the “Salesforce Integration” User License applied to it.

Click the “Save” button when finished.

  1. Now that the Connected App is created, retrieve the Key and Secret for Azure Data Factory.

Inside the External Client App Manager menu for your Azure Data Factory app, navigate to the Settings tab. Expand the “OAuth Policies” section and click “Consumer Key and Secret”.

  1. Copy both values to a Notepad document or other scratch pad.

These values will be used to configure Azure Data Factory.

Configure Azure Data Factory

Now that the Salesforce side is configured, you can create a new Linked Service in Azure Data Factory to connect.

  1. Navigate to Azure Data Factory: https://adf.azure.com/

Navigate to Manage > Linked services > New

  1. Search for and select “Salesforce”:

  1. Name the Linked Service “Salesforce” and enter the Salesforce Environment URL, formatted like https://tenant.my.salesforce.com/or a Sandbox environment, use: https://tenant.sandbox.my.salesforce.com/

  1. Copy and paste the values from Salesforce into Azure Data Factory:

Set the Salesforce API version to: 54.0

  1. Click the “Test connection” button to ensure it's working, then click the “Create” button to save the Linked Service.

Update Azure Data Factory resources

Now that the new Linked Service is added, you will need to update all of the legacy resources that use that Linked Service.

  1. Navigate to Manage > Linked Services and click on the “Salesforce (Legacy)” Linked Service.

In the pane to the right, these Datasets will need to be updated by clicking on the item, and changing the configuration.

  1. Update each of the related objects by changing the Linked Service in the dropdown to the new Salesforce connection.

Be sure to make sure all of your Pipelines are using this new Linked Service and that there are no query issues. Once you're sure, you can delete the old Linked Service for “Salesforce (Legacy)”.

References

Footer image

Discuss...