Connecting to Salesforce database

Add new connection

To connect to Salesforce create new documentation by clicking Add documentation and choosing Database connection.

On the Add documentation screen choose Salesforce:

Connection details

Select authentication type:

• Interactive sign-in - upon clicking Connect button, you will see a Salesforce webpage where you provide a Username and a Password

• Sign in with values - in order to Connect you need to configure Connected app and then provide the values.

Provide connection details:

• Server URL - URL of your Salesforce organization's domain e.g. https://yourcompanyname.my.salesforce.com

• User

• Password

• Consumer Key - Check out how to obtain a Consumer Key and Consumer Secret from Salesforce down below.

• Consumer Secret

Get Consumer Key and Secret Key from Salesforce

To connect Salesforce with Dataedo app the Salesforce administrator needs to set up Connected app within the admin panel.

Step 1.

Click setup icon in a top right corner and then Setup

Step 2.

In the left sidebar within a PLATFORM TOOLS group you can find Apps and then App Manager. Click it to list all the connected Applications used across your organization.

Step 3.

Select New Connected App on the right.

Step 4.

Fill in all the required information inside the Basic Information section.

Here's an example configuration:

Step 5.

1. Select Enable OAuth Settings

2. Set Callback URL to http://localhost:5005/oauth2

3. Make sure that Require Secret for Web Server Flow and Require Secret for Refresh Token Flow are unselected

4. In Selected OAuth Scopes add:

   • Access unique user identifiers (openid)

   • Manage user data via APIs (api)

   • Manage user data via Web browsers (web)

5. Submit with Save on top of the page.

Step 6.

After creating Connected App you can see a summary. To unlock signing in with password:

1. Click Manage

2. Then press Edit Policies

3. Inside OAuth Policies change Permitted Users to All users may self-authorize and IP Relaxation to Relax IP restrictions.

4. Submit changes by clicking "Save" at the bottom.

Step 7.

In Setup sidebar under Settings section expand Identity menu. Go to OAuth and OpenID Connect Settings and enable 'Allow OAuth Username-Password Flows'.

You might need to wait around 10 minutes to let changes propagate through Salesforce systems.

Step 8.

Go to Apps > App Manager click down arrow icon next to the newly created app and View.

Step 9.

You can find the Consumer Key on the left side. To get Consumer Secret click "Click to reveal" on the right and copy the key.

Saving password

You can save password for later connections by checking Save password option. Passwords are saved in the repository database.

Importing metadata

When connection was successful Dataedo will read objects and show a list of objects found. You can choose which objects to import. You can also use advanced filter to narrow down list of objects.

Confirm list of objects to import by clicking Next.

Next screen allows you to change default name of the documentation under which it will be visible in Dataedo repository.

Click Import to start the import.

When done close import window with Finish button.

Outcome

Your Salesforce objects have been imported to new documentation in the repository.

Troubleshooting

OAUTH_APPROVAL_ERROR_GENERIC

Error message: OAUTH_APPROVAL_ERROR_GENERIC: An unexpected error has occurred during authentication

Since September 2025, Salesforce enforces new security restrictions on how third-party applications connect. This may cause connection issues.

The solution: Dataedo application needs to be explicitly installed and approved within your Salesforce Connected Apps settings.

info

By default, Dataedo uses a predefined Connected App for authentication. However, we recommend creating your own Connected App for better control and security.

Option 1: Use your own Connected App (Recommended)

See Use your own Connected App for instructions.

Option 2: Salesforce Admin Install

A Salesforce Administrator needs to install the Dataedo app in your organization:

1. Log in to Salesforce as a Salesforce Administrator
2. Navigate to Setup
3. In the Quick Find box, search for Connected Apps OAuth Usage
4. Find the Dataedo app in the list and click Install or Approve

caution

Dataedo Connected App will only be visible once a user has attempted to connect. If it's not listed, have a user attempt the connection first, then return to approve it.

Option 3: User-Specific Permission

If other options fail to resolve the issue, a Salesforce Administrator can grant permission to the user's profile:

1. Navigate to Setup
2. In the Quick Find box, search for Profiles and select the user's profile
3. Under System Permissions, enable Approve Uninstalled Connected Apps

---

OAUTH_APP_BLOCKED

The Connected App used for authentication has been blocked in your Salesforce organization.

The solution (requires Salesforce Administrator):

1. In Salesforce, navigate to Setup → Connected Apps OAuth Usage
2. Find the application in the list (Dataedo or your custom Connected App)
3. If blocked, click Install to unblock the app

---

API access errors

If users cannot connect their Salesforce account, verify that the user's profile has the API Enabled permission:

1. Navigate to Setup → Profiles
2. Select the user's profile
3. Under System Permissions, ensure API Enabled is checked

---

Advanced configuration

For organizations with specific security requirements, Dataedo supports additional configuration options through ImportSettings.json.

File location: [Dataedo Installation Path]\Application\ImportSettings.json

Available settings

Setting	Description	Example
SalesforceClientIdOverride	Use your own Connected App Client ID	"3MVG9..."
SalesforceCustomDomain	Authenticate via custom My Domain instead of login.salesforce.com	"yourcompany"
UseSystemBrowserToAuthenticateSalesforce	Use system browser instead of embedded during interactive login	true

Use your own Connected App

info

Salesforce now recommends External Client Apps instead of Connected Apps for new integrations. The steps below use External Client Apps.

Create a dedicated app in your Salesforce organization for Dataedo authentication:

Step 1. In Salesforce Setup, search for App Manager and click New External Client App

Step 2. Fill in Basic Information:

• External Client App Name: Dataedo (or your preferred name)
• Contact Email: your email
• Distribution State: select Local

Step 3. Under Enable OAuth configure:

• Check Enable OAuth
• Callback URL: http://localhost:5005/oauth2
• OAuth Scopes: Add Manage user data via APIs (api)

Step 4. Click Create

Step 5. Copy the Client ID (Consumer Key)

Step 6. Add to ImportSettings.json:

{
  "SalesforceClientIdOverride": "<your-client-id>"
}

For more details, see Salesforce External Client App documentation.

Use custom My Domain

If your organization blocks login.salesforce.com and requires authentication through your custom domain (e.g., acme.my.salesforce.com):

{
  "SalesforceCustomDomain": "acme"
}