Support Questions

Find answers, ask questions, and share your expertise
Celebrating as our community reaches 100,000 members! Thank you!

using GetHTTP for Salesforce Integration with OAuth2.0 authentication parameter


I am looking to pull data from salesforce objects, logs using GetHTTP Processor. I need help with configuring processor for OAuth 2.0 parameters.



This problem has been solved!

Want to get a detailed solution you have to login/registered on the community


Super Guru

@Mehul Ramani

Since you want to make the call from GetHTTP NiFi processor, to be able to make a https call you need to setup 'SSL Context Service' . Summarily, you will need to configure the truststore properties with for your SSL Context Service instance with the path to the default cacerts truststore that comes bundled with your Java installation, located at JAVA_HOME/jre/lib/security/cacerts. TrustStore is of type JKS, and the default password for Truststore is "changeit" .

If $JAVA_HOME Is set on your system, it should help point you in the right direction. If not, the location of cacerts varies depending on environment, but is approximately the following for their respective OS

  • OSX: /Library/Java/JavaVirtualMachines/jdk<version>.jdk/Contents/Home/jre/lib/security/cacerts. You can additionally use $(/usr/libexec/java_home) to find the path.
  • Windows: C:\Program Files\Java\jdk<version>\jre\lib\security\cacerts
  • Linux: /usr/lib/jvm/java-<version>/jre/lib/security/cacerts. You can additionally use $(readlink -f $(which java))

If this response was helpful, vote/accept it as the best answer.


This did help in updating SSL setting. I was looking for help with setting secret_id, client_secret. I guess Pierre posted example. Thank you for your quick response.


This problem has been solved!

Want to get a detailed solution you have to login/registered on the community



Hi @Pierre Villard,

Thank you for sharing workflow. However I am having trouble with output port. I am getting error "Output connection for port 'SessionID' is not defined" . Looks like I am missing something. I am fairly new to this.

Thanks much



I am not the author of the workflow but I'd say that the ouput port can be used if you want to use your FlowFile in following requests to Salesforce. You don't have to necessarily use it.


@Mehul Ramani Hello , would you be able to guide me on how you proceed with the solution and flow. thx much


Hi @nischal tewari, I have used same workflow that is shared by Pierre in this thread.




HI @Mehul Ramani my requirement is below .

based on the flow available, to get the token based on the flow that pierre share we are using invokehttp and then capturing the token. ( the access_token attribute is right ?) after that flow we can pass the token to another invokehttp processor to get the jason and do further processing . Since I am bit new to this , have confusion in parameter setting . did you used any specific parameter and attributes to pass token .

below is my requirement - sorry for this long post ,

The APIs are all accessed via REST invocations and return results in JSON format. The API use the OAuth 2.0 standard to authenticate all requests To authenticate to the API endpoint, we will need a token we send with every API call. To retrieve a token please follow the steps below- Request an access token by sending your Client ID and Client Secret via HTTP Basic Authentication, using an HTTP POST request. The Client ID and Client Secret need to be encoded to Base64, using the UTF-8 character set, in the form of client_id:client_secret. A resource you can use for this purpose is

This string is then passed as the Authorization header. The API will respond with an access token Note: Tokens are only valid for one hour. After one hour a new token is required. Pass the token as the Authorization header to access the API resources: API resource data is returned:

New Contributor

GetHTTP itself doesn't handle OAuth2 directly. Here's a breakdown of the process:

1. Obtaining Access Token:

  • You'll need to acquire an access token before making API calls to Salesforce.
  • This typically involves a two-step process:
    • Step 1: Authorization Code Grant:
      • Direct your user to a Salesforce authorization URL with your client ID and redirect URI.
      • Upon successful login and authorization, Salesforce redirects the user back to your redirect URI with an authorization code.
    • Step 2: Token Request:
      • Use the authorization code retrieved in step 1 to make a POST request to Salesforce's token endpoint.
      • Include your client ID, client secret, redirect URI, and grant type ("authorization_code") in the request body.
      • If successful, Salesforce will respond with an access token and other relevant information (refresh token, expiration time).

2. Using Access Token with GetHTTP:

  • Once you have the access token, you can use GetHTTP to make API calls to Salesforce.
  • Set the following headers in your GetHTTP request:
    • Authorization: Bearer <access_token> (Replace <access_token> with your actual token)
  • Configure the request URL with the desired Salesforce API endpoint and any necessary parameters.
  • Execute the GetHTTP request to retrieve data or perform actions on the Salesforce platform.

Important Considerations:

  • Security: Store access tokens securely and avoid exposing them in code or logs.
  • Token Refresh: Access tokens expire, so implement a mechanism to refresh them before expiration using the refresh token obtained during the initial authorization flow.
  • Libraries: Consider using libraries designed for Salesforce integrations, which can simplify the OAuth2 process and provide additional functionalities.