Allowing Integrate.io ETL access to my data on Salesforce using Customer-Managed OAuth

This guide explains how to retrieve the Client ID, Client Secret, Authorization Code, Access Token, Refresh Token, and Instance URL for OAuth 2.0 integration with Salesforce.

We’ll use Postman and curl to demonstrate the flow.

Step 1: Get Client ID and Client Secret from Salesforce Dashboard

1. Log into Salesforce with an admin account.

2. In the top-right, click the gear icon → Setup.

3. In the left sidebar, search for App Manager and click it.

4. Click New External Client App (or find an existing one and click View).

5. Fill in:

   • Connected App Name: My OAuth App

   • API Name: auto-generated

   • Contact Email: your email

6. Scroll down to API (Enable OAuth Settings) and:

   • Check Enable OAuth Settings

   • Callback URL: use https://oauth.pstmn.io/v1/callback for Postman testing

   • Selected OAuth Scopes:

     • Perform requests at any time (refresh_token, offline_access)

     • Manage user data via APIs (api)

     • Full access (full)

   • Uncheck Require Proof Key for Coe Exchange (PKCE) option
   • Check Require secret for Web Server Flow and Require secret for Refresh Token Flow options

7. Click Save. You may need to wait a few minutes for the app to become active.

8. Go back to App Manager, find your app, and click View.

You’ll now see:

• Consumer Key → this is your client_id

• Consumer Secret → this is your client_secret (click "Reveal")\\\

Step 2: Generate Authorization Code (using Postman)

1. Open Postman

2. Create a new OAuth 2.0 authorization under the Authorization tab

3. Fill in:

   • Grant Type: Authorization Code

   • Callback URL: https://oauth.pstmn.io/v1/callback

   • Auth URL: https://login.salesforce.com/services/oauth2/authorize

   • Access Token URL: https://login.salesforce.com/services/oauth2/token

   • Client ID: (from Salesforce Dashboard)

   • Client Secret: (from Salesforce Dashboard)

   • Scope: full refresh_token api

4. Click Get New Access Token

5. You will be redirected to Salesforce → login and allow access.

6. Postman will receive a redirect like:

   https://oauth.pstmn.io/v1/callback?code=YOUR_AUTH_CODE

Copy the value of code=... – this is your Authorization Code.

Step 3: Exchange Authorization Code for Tokens

Use the following curl command to exchange the authorization code for:

• access_token

• refresh_token

• instance_url

CURL example:

curl -X POST https://login.salesforce.com/services/oauth2/token \
  -d "grant_type=authorization_code" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET" \
  -d "redirect_uri=https://oauth.pstmn.io/v1/callback" \
  -d "code=YOUR_AUTHORIZATION_CODE"

Example Response:

{
  "access_token": "00Dxx000000S1on!...",
  "refresh_token": "5Aep86...etc",
  "instance_url": "https://na123.salesforce.com",
  "id": "https://login.salesforce.com/id/...",
  "issued_at": "1711734351000",
  "signature": "abcdef123456="
}