Before creating a Salesforce data source in Denodo, you have to set up a connected application in Salesforce.

There are 2 methods to authenticate - web server flow and username and password.

Web Server Flow

This authentication flow provides one important security benefit over the username and password flow; Denodo is never exposed to the credentials of the user account of Salesforce. Instead, it just knows the credentials of the registered application.

1. Enter a descriptive Name with no spaces.
   NOTE: Names will automatically be converted to lowercase.
2. For Authentication, select Web Server.
3. Enter the Client identifier and Client secret. These are the Consumer Key and Consumer Secret of the connected app in Salesforce.
4. Instead of individually filling in the following fields, select Launch the OAuth 2.0 credentials wizard to help you obtain these credentials.
   NOTE: If this option is inactive or grayed out, go to the upper right and select Tools. Then select OAuth credentials wizards and select OAuth 2.0 wizard.
5. Enter the authentication details.
   1. For Token endpoint URL, enter: https://login.salesforce.com/services/oauth2/token.
   2. For Authorization server URL, enter: https://login.salesforce.com/services/oauth2/authorize.
6. For Redirect URI, leave the Redirect URI as the default selected, if you are connecting to Dev or QA (assuming you included all three when you created the Box app).
   NOTE: If you only added one Redirect URI and it is not for the environment you are creating the data source in, you can go back to the Box app and add more Redirect URIs.
   NOTE: If you are connecting to production, select Other and enter https://datahub.uillinois.edu/oauth/2.0/redirectURL.jsp.
7. Generate the authorization URL.
   1. Expand the 2. Generate the authorization URL section.
   2. Select Generate to generate the authorization URL.
   3. Select Open URL next to the generated Authorization URL.
      NOTE: you may need to allow access to the application at this step.
   4. On the Virtual DataPort OAuth 2.0 Credentials Wizard webpage, copy the URL.
8. Paste the authorization response URL.
   1. Return to the Denodo OAuth 2.0 credentials wizard.
   2. Expand the 3. Paste the authorization response URL section.
   3. Paste the URL into the Authorization response URL field.
9. Obtain the OAuth 2.0 credentials.
   1. Expand the 4. Obtain the OAuth 2.0 credentials section.
   2. Select OAuth 2.0 credentials.
      NOTE: A notification will appear notifying you that the OAuth2.0 credentials were successfully obtained.
   3. Select Copy the credentials to the clipboard.
      NOTE: Paste to a convenient, easily accessible location (such as Notepad) in case the Access token and Refresh token are not automatically filled out in the data source configuration. The copied credentials include client identifier, client shared secret, access token, and refresh token.
   4. Select OK.
10. For Base URL, enter the URL of the Salesforce instance to access.
11. Enter the version of the Salesforce REST API version to use. This has to be something like “v41.0”. Click Get latest version to send a request to Salesforce to obtain the latest version of the API.
12. Select the Delegate GROUP BY option to push down the GROUP BY clause to Salesforce. Take into account that Salesforce limits to 2,000 the number of rows a query with GROUP BY can return.
13. Click Save to create the data source.

Username and Password Flow

NOTE: Although the connection is encrypted with https, this OAuth authentication flow passes the user’s credentials back and forth. Use it only if the Web Server authentication flow is not possible.

1. Enter a descriptive Name with no spaces.
   NOTE: Names will automatically be converted to lowercase.
2. For Authentication, select Username and password.
3. Enter the Client identifier and Client secret. These are the Consumer Key and Consumer Secret of the connected app in Salesforce.
4. Enter the User identifier and User password. These are the credentials of the Salesforce user account.
5. Enter the Security token of this Salesforce account.
6. Enter the version of the Salesforce REST API version to use. This has to be something like “v41.0”. Click Get latest version to send a request to Salesforce to obtain the latest version of the API.
7. Select the Delegate GROUP BY option to push down the GROUP BY clause to Salesforce. Take into account that Salesforce limits to 2,000 the number of rows a query with GROUP BY can return.
8. Click Save to create the data source.