Skip to content

Salesforce Troubleshooting and Validation

Validation After Connection

  1. In the SailPoint Entro Dashboard, navigate to Management → Accounts & Integrations → Salesforce.

  2. Confirm that the integration status displays Verified, with a recent validation timestamp.

  3. Verify that findings related to Salesforce (e.g., secrets in service cases) are populating in the Secrets Inventory tab.

API Scope Validation (Optional)

You can validate the credentials and flow using a curl command from your terminal:

 curl -X POST https://<DOMAIN>.my.salesforce.com/services/oauth2/token \
  -d "grant_type=client_credentials" \
  -d "client_id=<CLIENT_ID>" \
  -d "client_secret=<CLIENT_SECRET>"

Expected Output: A JSON response containing an access_token.

Common Issues

Issue Probable Cause Resolution
error: invalid_client_id Wrong Consumer Key or Secret. Double-check values copied from the Salesforce App Manager details page.
error: invalid_grant (no client credentials user enabled) The "Run As" user is not configured for the flow. Go to Manage → Edit Policies. Under Client Credentials Flow, ensure a valid Run As User is selected and saved.
error: invalid_grant (authentication failure) Policies are incorrect. Ensure Permitted Users is set to "All users can self-authorize" in the App Policies.
error: inactive_user The "Run As" user is deactivated. Reactivate the user or select a different active user in the App Policies.
No Findings/Data Insufficient permissions for the "Run As" user. Log in as the "Run As" user and verify they can view Cases, Comments, and Emails manually.