Skip to content

Salesforce Marketing Cloud Query authentication guide

This is a step-by-step guide to acquiring credentials and authorizing the Salesforce Marketing Cloud Query component for use in Matillion ETL.

The Salesforce Marketing Cloud Query connector uses an OAuth for third-party authentication.

While connector properties may differ between cloud data warehouses, the authentication process remains the same.

Note

The callback URL, and therefore the Matillion ETL instance, must be HTTPS, not HTTP.

It is recommended that the callback URL be a fully qualified domain name (FQDN) and not an IP address.

Acquiring third-party credentials in Salesforce Marketing Cloud

  1. Open the Salesforce website, hover over Login in the top-right of the screen and select Marketing Cloud to redirect to the Salesforce Marketing Cloud login screen. Enter valid credentials to continue.
  2. On the Salesforce Marketing Cloud dashboard, hover over the profile name in the top-right, then click Setup.
  3. On the Setup screen, click Apps, then click Installed Packages on the sidebar on the left.
  4. On the Installed Packages screen, click New.
  5. On the New Package Details dialog, enter the following details, then click Save.
    • Name: A name for the package.
    • Description: A short description for the package
  6. This will open a Summary window for the newly created package. Click Add Component at the bottom of the window.
  7. On the Add Component dialog, select the API Integration component type, then click Next.
  8. Select the Server-to-Server integration type, then click Next.
  9. In the Scope section, select the scopes the app will need to access, and click Save. For a list of API Integration Permission Scopes, read the Salesforce documentation.

  10. The browser will return to the Summary window, now with an API Integration section. Copy the strings for Client Id and Client Secret, as well as the subdomain of the Authentication Base URI, as they will be required in authorizing for use in Matillion ETL.

    Note

    • The subdomain is the part of the URL between https:// and .auth.marketingcloudapis.com/, as follows: https://<copy this>.auth.marketingcloudapis.com/
    • When copying the strings, some browsers may add a space to the end of the string. Watch out for this as it will cause the credentials to fail.

  11. Now return to the Manage OAuth dialog in Matillion ETL to complete the OAuth configuration.

Note

Authentication may require some additional connection types to be selected. These should be set using the Connection Options property when you add a Salesforce Marketing Cloud Query component to an orchestration job.