# Salesforce Einstein Salesforce Einstein Analytics uses the OAuth 2 authentication standard. You will need to obtain the OAuthClientId and OAuthClientSecret by registering an app with Salesforce Einstein Analytics. OAuth requires the authenticating user to interact with Salesforce Einstein Analytics using the browser. The provider facilitates this in various ways as described in the following sections. #### Create a Connected App You can follow the procedure below to obtain the OAuth client credentials, the consumer key and consumer secret: 1. If your organization uses the Salesforce Lightning Experience UI, from Setup enter App in the Quick Find box, select App Manager (not Manage Connected Apps), and click New Connected App. If your organization uses the Salesforce Classic UI, from Setup enter Apps in the Quick Find box and then select Apps, under Build or Create. Under Connected Apps, click New. 2. Enter a name to be displayed to users when they log in to grant permissions to your app, along with a contact email address. 3. Click Enable OAuth Settings and enter a value in the Callback URL box. If you are making a desktop application, set the Callback URL to or a different port number of your choice. If you are making a Web application, set the Callback URL to a page on your Web app you would like the user to be returned to after they have authorized your application. 4. Select the following OAuth scopes: Access and manage your wave data (wave\_api) Access and manage your data (api) Perform requests on your behalf at any time (refresh\_token, offline\_token) 5. Once you have created the app, click your app name to open a page with information about your app. The OAuth client credentials, the consumer key and consumer secret, are displayed. #### Authenticate to Salesforce Einstein Analytics After setting the following connection properties, you are ready to connect: * OAuthClientId: Set this to the consumer key in your app settings. * OAuthClientSecret: Set this to the consumer secret in your app settings. * CallbackURL: Set this to the callback URL in your app settings. * InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property. When you connect the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process: 1. Gets the callback URL and sets the access token to authenticate requests. 2. Saves OAuth values in OAuthSettingsLocation to be persisted across connections. 3. Exchanges the returned refresh token for a new, valid access token. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.appstrategy.com/apprules-r-documentation/platform/platform-features/system-settings/data-sources/connection-settings/aimachinelearning/sfeinsteinanalytics.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.