Skip to content

Event Target for Salesforce

This event Target receives CloudEvents and invokes a Salesforce endpoint.


  • Salesforce account
  • Certificate key secret

Salesforce Account

Salesforce Target uses OAuth JWT credentials for service authentication.

First, you will need to generate an X509 certificate for signing and verifying requests. We will be using OpenSSL, but any other certificate generation tool will work.

openssl req -x509 -sha256 -nodes -days 36500 -newkey rsa:2048 -keyout tm-sf.key -out tm-sf.crt
  1. On the Salesforce site select Setup > Apps > App Manager, click on New Connected App.

    • Fill in mandatory fields, then click Enable OAuth Settings.
    • A callback URL is mandatory but can be filled with any HTTPS data.
    • Enable Use digital signatures and upload the public cert (tm-sf.crt in the example above).
    • Add Scopes for api, refresh_token, and offline_access.
    • Click Save.

    Salesforce connected app

    • Select the connected app you just created from the list and then click Manage.
    • Click Edit policies.
    • Set Permitted users to Admin approved users are pre-authorized.
    • Click Save.

    Connected app policies

    • Select the connected app from the list and then click Manage.
    • Click Manage Profiles.
    • Add permissions on the data this user will have access to.
    • Click Save.
  2. Retrieve OAuth data to configure TriggerMesh Target.

    • Select the connected app from the list and then click View.
    • Copy the Consumer Key.
    • Reveal and copy the Consumer Secret.

Certificate Key Secret

The TriggerMesh Salesforce integration needs a certificate key secret to sign requests for the Salesforce API. Consult the Secrets guide for more information about how to add the certificate key as a secret.

The file name containing the key will need to be renamed to certKey. After that, go to Secrets > Add Secret > File Upload.

Upload secret

Deploying an Instance of the Target

Open the Bridge creation screen and add a Target of type Salesforce.

Adding a Salesforce Target

In the Target creation form, provide a name for the event Target, and add the following information:

  • Client ID: The client ID as retrieved from the Salesforce connected app.
  • Server: The server used for Salesforce authentication.
  • User: User for the Salesforce account.
  • Reply Events Policy: Indicates when event responses should be sent back from this target.

After clicking the Save button, the console will self-navigate to the Bridge editor. Proceed by adding the remaining components to the Bridge.

After submitting the Bridge, and allowing for some configuration time, a green check mark on the main Bridges page indicates that the Bridge with was successfully created.

Bridge status

Event Types

The Salesforce event Target expects an event type of io.triggermesh.salesforce.apicall to perform a request against the Salesforce API, and will producedresponses typed io.triggermesh.salesforce.apicall.response. The CloudEvent data should contain a request as defined in this schema.

This type expects a JSON payload with the following properties:

Name Comment
action The HTTP verb to use (Required)
resource The object family to use
object The object type to operate on
record The object instance
query Parameterized key/values for the API request
payload Body contents for the request

All of the parameters, except for payload, are put together sequentially to build the request that will be sent to the Salesforce API:


For more information about using the Salesforce API, please refer to the Salesforce API documentation.

Reply Events Policy

When a request is sent using this Target, a response might be produced containing the reply from Salesforce or an error. Depending on if there are other Targets listening to these new events you might want to configure the reply behavior from this component. There are three possible values for the reply events policy:

  • Never: No response will be produced.
  • Error: Only errors will be returned from the Target.
  • Always: External responses or errors will be produced.

When a response is produced from a Target, the extended attribute category is added which will contain one of two values:

  • Success: For when the request succeeds.
  • Error: For when an error occurs.

Returned errors structure is defined in this schema.


Create a Salesforce Account object:

  • Event Type: io.triggermesh.salesforce.apicall
  • Data:
  "action": "POST",
  "resource": "sobjects",
  "object": "account",
  "payload": { "Name": "Jane Doe" }

Update a Salesforce Account object:

  • Event Type: io.triggermesh.salesforce.apicall
  • Data:
  "action": "PATCH",
  "resource": "sobjects",
  "object": "account",
  "record": "0014x000005Y9SNAA0",
  "payload": { "Name": "Janet Does", "BillingCity" : "San Francisco" }

Retrieve specific fields of a Salesforce Account:

  • Event Type: io.triggermesh.salesforce.apicall
  • Data:
  "action": "GET",
  "resource": "sobjects",
  "object": "account",
  "record": "0014x000005Y9SNAA0",
  "query": { "fields": "AccountNumber,BillingCity" }

Delete a Salesforce Account object: - Event Type: io.triggermesh.salesforce.apicall - Data:

  "action": "DELETE",
  "resource": "sobjects",
  "object": "account",
  "record": "0014x000005Y9SNAA0"