Does ADF, Salesforce linked service supports to oauth 2.0 username password flow. If not please let us know list of Authentication types supported

Question

Hi ,

Does ADF, Salesforce linked service supports to oauth 2.0 username password flow. If not please let us know list of Authentication types supported.

Thank you.

Answer 1

Hi @KIRAN Uday
Welcome to Microsoft Q&A platform and thanks for posting your question here.

Azure Data Factory does not support the OAuth 2.0 username-password flow for Salesforce linked services. This flow is generally discouraged due to security concerns, as it involves passing user credentials directly. Instead, ADF supports other, more secure OAuth 2.0 authentication methods.

For Salesforce linked services in ADF, the supported authentication types include the OAuth 2.0 Client Credentials Flow, which is used for server-to-server integrations where the client application can securely store the client credentials. It involves the client application requesting an access token directly from the authorization server using its client ID and client secret. Another supported method is the OAuth 2.0 Web Server Flow, recommended for web applications where the client application can securely store the client secret. This flow involves redirecting the user to the Salesforce login page to authenticate and authorize the application, which then receives an authorization code to exchange for an access token.

Additionally, the OAuth 2.0 JWT Bearer Token Flow is supported, used for server-to-server integrations where the client application can securely store a private key. This method involves the client application creating a JWT assertion and sending it to the authorization server to request an access token. These methods provide enhanced security compared to the username-password flow, ensuring that user credentials are not exposed and reducing the risk of unauthorized access.

Reference
https://learn.microsoft.com/en-us/answers/questions/1289264/how-to-connect-salesforce-from-azure-data-factory

https://learn.microsoft.com/en-us/azure/data-factory/connector-salesforce?tabs=data-factory

https://learn.microsoft.com/en-us/answers/questions/52665/how-can-we-authenticate-rest-api-endpoint-via-api

https://learn.microsoft.com/en-us/answers/questions/741180/data-factory-linked-service-rest-oauth2

Hope this helps. Do let us know if you any further queries.

---

If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Answer 2

Hello @KIRAN Uday

Azure Data Factory (ADF) and Salesforce linked services support OAuth 2.0 authentication.

However, the username-password flow is not recommended for production environments due to security concerns.

Instead, it is recommended to use the OAuth 2.0 authentication flow with a refresh token.

In addition to OAuth 2.0, ADF supports the following authentication types for linked services: - Basic authentication

• Managed identity authentication
• Service principal authentication

Salesforce linked service supports the following authentication types:

• OAuth 2.0 authentication
• Username and password authentication (not recommended for production environments)
• Certificate-based authentication

---

I hope that this response has addressed your query and helped you overcome your challenges. If so, please mark this response as Answered. This will not only acknowledge our efforts, but also assist other community members who may be looking for similar solutions.