Salesforce Marketing Cloud Query authentication guide
- The Salesforce Marketing Cloud Query connector uses either a username and password or an OAuth for third-party authentication. This guide will only explain the OAuth method.
- While connector properties may differ between Cloud Data Warehouses, the authentication process remains the same.
Acquiring Third-Party Credentials
1. In Matillion ETL, on the top left, click Project, then Manage OAuth.
If a Salesforce Marketing Cloud Query connector has already been added to an Orchestration Job, the Manage OAuth dialog may also be accessed using the following method:
- Click the connector icon to open the Properties panel at the bottom of your Matillion ETL instance.
- Then, click ... next to the Service Type input.
- Select REST from the dropdown menu in the pop-up window, and click OK.
- The Authentication input will now appear on the list of properties. Click next to it, and finally click Manage in the pop-up dialog.
2. Click in the bottom left to open the Add OAuth Entry dialog.
3. Provide a name for the OAuth in the Name field, then click the Service dropdown menu, and select Salesforce Marketing Cloud. Click OK.
4. On returning to the Manage OAuth window, check the list of OAuths to ensure the new entry is listed.
This entry is Not Configured. Configuration of the OAuth entry will be discussed in Authorizing for use in Matillion ETL.
Acquiring Third-Party Credentials
1. Navigate to the Salesforce website. Hover your mouse over the Login drop-down menu, situated in the upper-right. The Marketing Cloud is not immediately visible in the Login dropdown menu, hover the cursor over Other Logins to reveal it. Click Marketing Cloud to redirect to the Salesforce Marketing cloud log in page. Enter valid credentials to continue.
2. Once logged in, the browser will open the Salesforce Marketing Cloud dashboard. Then at the top right, click the <Profile Name>, then click Setup.
3. On the Setup screen, click Apps, then click Installed Packages on the sidebar on the left. Then, click New in the top right of the Installed Packages window.
4. The New Package Details pop-up window will then appear. Provide details for the following fields:
- Name – provide a name for the package.
- Description – provide a short description for the package, then click Save.
5. This will open a Summary window for the newly created package. Next, a component will need to be added. Click Add Component at the bottom of the window.
6. The Add Component pop-up wizard will appear, and will prompt you to select a component type. Select API Integration, then click Next.
7. Select an integration type. Select Server-to-Server, then click Next.
8. Set Server-to-Server properties. To do this, in the Scopes section, tick the checkboxes next to the scopes the app will need to access, and click Save.
For a list of API Integration Permission Scopes, click here.
9. The browser will return to the Summary window, now with an API Integration section. Copy the strings for Client Id and Client Secret, as well as the subdomain of the Authentication Base URI, as they will be required in Authorizing for use in Matillion ETL.
- The subdomain can be located in the URL –
- When copying the strings, some browsers may add a space to the end of the string. Watch out for this as it will cause the credentials to fail.
Authorizing for Use in Matillion ETL
1. Return to the Manage OAuth window in Matillion ETL and click next to the previously created OAuth entry. This will open the Configure OAuth window.
2. Using the strings copied from the Salesforce website earlier, provide details for the following fields, then click OK:
- Client ID – enter the Client Key
- Client Secret – enter the Client Secret
- Subdomain – enter the subdomain of the Authentication Base URI, then click Next
3. You will return to the Manage OAuth dialog in Matillion ETL, and your newly created OAuth entry will now be configured.