# Salesforce authentication

Salesforce integration is managed through the Vonage API Dashboard. Once configured, it becomes available directly in AI Studio via the **Salesforce node**.

To get started, you first need to create a Salesforce External Client App. See [How to create a Salesforce External Client App](https://studio.docs.ai.vonage.com/voice/nodes/integrations/legacy-salesforce-authentication-node/salesforce-authentication/how-to-create-a-salesforce-connected-app) for full instructions.

#### Set up the integration in the API Dashboard

Once your external client app is created, complete the setup in the Vonage API Dashboard.

1. Log in to the [Vonage API Dashboard](https://dashboard.nexmo.com) and make sure you are in the correct client account.
2. Navigate to **Build** > **Tools and Solutions** > **Integrations** > **Credential Storage**.
3. Select **Connect with Salesforce via OAuth**.
4. Enter the following details:

<table data-header-hidden="false" data-header-sticky><thead><tr><th>Field</th><th>Description</th></tr></thead><tbody><tr><td>Name</td><td>A label you select when using this integration in AI Studio. If you have multiple Salesforce environments, use a name that reflects the environment, for example, <code>Salesforce Production</code> or <code>Salesforce QA</code>.</td></tr><tr><td>Consumer Secret</td><td>The Consumer Secret from your Salesforce external client app.</td></tr><tr><td>Consumer Key</td><td>The Consumer Key from your Salesforce external client app.</td></tr><tr><td>Domain</td><td>Your Salesforce org's unique subdomain. Enter the domain only, without the <code>https://</code> prefix. For example, <code>yourcompany.my.salesforce.com</code>.</td></tr></tbody></table>

{% hint style="info" %}
**DNS errors**

If you get DNS errors when trying to authorise, check that you are using the correct domain. For example, some orgs require `yourcompany.develop.my.salesforce.com` instead of `yourcompany.my.salesforce.com`.
{% endhint %}

5. Click **Connect with Salesforce OAuth**. You are redirected to Salesforce to approve access.
6. Click **Allow**. On success, a confirmation page states that the **OAuth connection has been completed**.
7. Your integration now appears in the list of available credentials in AI Studio.

#### Use the Salesforce integration in AI Studio

Once the integration is set up in the API Dashboard, it is available in your virtual assistant flows via the **Salesforce node**.

1. In your virtual assistant, navigate to Integrations and add a **Salesforce** node.
2. The node automatically retrieves the integrations configured in the API Dashboard for the current account.
3. Select the integration you want to use from the dropdown.
4. Configure your query within the node and test the request.

<figure><img src="/files/adAxOtvbxfI8wQ7Ldruw" alt=""><figcaption></figcaption></figure>

The Salesforce node manages authentication internally. You do not need a separate authentication node or token parameter. You can switch between different Salesforce environments (for example, production and sandbox) by selecting the appropriate credential from the dropdown.

#### Integrate with a Salesforce sandbox environment

{% hint style="info" %}
**Sandbox environments**

Currently, the recommended method for integrating with Salesforce sandbox environments is via Webhook.
{% endhint %}

Use the following configuration:

**Method**

`POST https://your-tenant-domain.my.salesforce.com/services/oauth2/token`

**Headers**

| HTTP Header  | Value                             |
| ------------ | --------------------------------- |
| Content-Type | application/x-www-form-urlencoded |

**Query parameters**

| Parameter      | Value                    |
| -------------- | ------------------------ |
| grant\_type    | password                 |
| client\_id     | Your Consumer Key        |
| client\_secret | Your Consumer Secret     |
| username       | Your API username        |
| password       | Your API user's password |

**Response mapping**

| Object path   | Parameter                                                               |
| ------------- | ----------------------------------------------------------------------- |
| access\_token | `$SF_ACCESS_TOKEN` (or the parameter where you want to store the token) |

{% hint style="warning" %}
**Special characters in passwords**

If your password contains special characters such as `#`, use URL encoding.

For example, `#42LBMDEH` becomes `%1242LBMDEH`. You can use Postman to encode your password before use.
{% endhint %}

#### Troubleshooting

For error tracking, see the following Salesforce documentation:

* [Username-Password OAuth Authentication Flow](https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_username_password_flow.htm\&type=5)
* [Authorization Through External Client Apps and OAuth 2.0](https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_oauth_and_connected_apps.htm)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://studio.docs.ai.vonage.com/http/nodes/integrations/legacy-salesforce-authentication-node/salesforce-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.