Grant Type: JWT
The Salesforce source supports the JSON Web Token (JWT) Grant type.
Note
If you experience any issues with this configuration, refer to the Troubleshooting topic.
-
Enter the username of the Salesforce user in the Subject field.
-
Enter the OAuth Client ID for the connected application for which you registered the certificate in the Issuer field.
-
Enter the recipient for which the JWT is intended in the Audience field.
-
Enter the Private Key to be used to assert the JWT.
Note
The private key should be in standard PKCS #1 format. Currently, SailPoint doesn't support private keys in PKCS #8 format. -
Enter the Private Key Password for the Private Key.
Note
This is only needed if the Private Key is encrypted with a passphrase. -
Select Save.
On the Salesforce source UI, configure the following fields:
Issuer*
The OAuth Client_ID or the connected application for which you registered the certificate.
Subject*
The subject must contain the username of the Salesforce user.
Audience*
JWT audience for authorization. This the recipient for which the JWT is intended.
Private Key*
The private key to be used to sign the JWT.
Note
The private key should be in standard PKCS #1 format. Currently, SailPoint doesn't support private keys in PKCS #8 format.
Private Key Password*
Password for the provided private key. This is only needed if the Private Key is encrypted with a passphrase.