Salesforce Einstein Analytics uses the OAuth 2 authentication standard. You will need to obtain the OAuthClientId and OAuthClientSecret by registering an app with Salesforce Einstein Analytics.

OAuth requires the authenticating user to interact with Salesforce Einstein Analytics using the browser. The provider facilitates this in various ways as described in the following sections.

Create a Connected App

You can follow the procedure below to obtain the OAuth client credentials, the consumer key and consumer secret:

1. If your organization uses the Salesforce Lightning Experience UI, from Setup enter App in the Quick Find box, select App Manager (not Manage Connected Apps), and click New Connected App.

   If your organization uses the Salesforce Classic UI, from Setup enter Apps in the Quick Find box and then select Apps, under Build or Create. Under Connected Apps, click New.

2. Enter a name to be displayed to users when they log in to grant permissions to your app, along with a contact email address.

3. Click Enable OAuth Settings and enter a value in the Callback URL box.

   If you are making a desktop application, set the Callback URL to http://localhost:33333 or a different port number of your choice.

   If you are making a Web application, set the Callback URL to a page on your Web app you would like the user to be returned to after they have authorized your application.

4. Select the following OAuth scopes:

   Access and manage your wave data (wave_api)

   Access and manage your data (api)

   Perform requests on your behalf at any time (refresh_token, offline_token)

5. Once you have created the app, click your app name to open a page with information about your app. The OAuth client credentials, the consumer key and consumer secret, are displayed.

Authenticate to Salesforce Einstein Analytics

After setting the following connection properties, you are ready to connect:

• OAuthClientId: Set this to the consumer key in your app settings.

• OAuthClientSecret: Set this to the consumer secret in your app settings.

• CallbackURL: Set this to the callback URL in your app settings.

• InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.

When you connect the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process:

1. Gets the callback URL and sets the access token to authenticate requests.

2. Saves OAuth values in OAuthSettingsLocation to be persisted across connections.

3. Exchanges the returned refresh token for a new, valid access token.