Salesforce OAuth 2.0 JWT Bearer Token Flow
$ npm install salesforce-jwt-bearer-token-flow --saveCreate the private key and the certificate in osx terminal:
$ openssl req -nodes -new -x509 -keyout private.pem -out server.certCreate a connected app in Salesforce:
- Select Enable OAuth Settings
- Select Use digital signatures
- Upload the generated certificate
const fs = require('fs'),
privateKey = fs.readFileSync('private.pem').toString('utf8'),
jwt = require('salesforce-jwt-bearer-token-flow')
const token = jwt.getToken(
{
iss: '<YOUR_CONNECTED_APP_CLIENT_ID>',
sub: '<YOUR_SALESFORCE_USERNAME>',
aud: '<YOUR_AUDIENCE>',
privateKey: privateKey
},
function (err, token) {
console.log(token)
}
)const fs = require('fs')
, privateKey = fs.readFileSync('private.pem').toString('utf8')
, jwt = require("salesforce-jwt-bearer-token-flow")
;
async main () {
const token = await jwt.getToken({
iss: "<YOUR_CONNECTED_APP_CLIENT_ID>",
sub: "<YOUR_SALESFORCE_USERNAME>",
aud: "<YOUR_AUDIENCE>",
privateKey: privateKey
});
console.log(token)
}The audience (aud) must be:
- https://login.salesforce.com,
- https://test.salesforce.com
- https://acme.force.com/customers (where acme.force.com/customers is your community URL)
{
access_token: 'xxxxxxxxxx!ARYAQNzk4LCbHsX[...]',
scope: 'id full',
instance_url: 'https://eu6.salesforce.com',
id: 'https://login.salesforce.com/id/xxxxxxxxxxEAI/yyyyyyyyyy',
token_type: 'Bearer'
}MIT