Configuring Salesforce workspace data connections

During workspace creation, under Connection Type, click Salesforce.

Connecting to the source data

Before you can configure the source connection, you must create the connection in Salesforce. The source connection can be either a production org, a sandbox org, or a scratch org.

Providing the connected application keys

To connect to the Salesforce application, Structural requires a consumer key and a consumer secret. You get these values from the Salesforce connected application that you created in Salesforce.

You can configure these as the values of the environment settings TONIC_SALESFORCE_CONSUMER_KEY and TONIC_SALESFORCE_CONSUMER_SECRET.

If these environment settings are not configured, for example in Structural Cloud, then under Source Settings, the Connected App Credentials panel is displayed.

1. In the Consumer Key field, provide the consumer key value.

2. In the Consumer Secret field, provide the consumer secret value.

Providing and testing the server path

Under Source Settings, to connect to the source connection:

1. In the Server field, type the path to the source connection server.

2. Click Authenticate with Salesforce. Structural sends you to Salesforce to authenticate to the source connection. Note that if this is the first time you log in to Salesforce with the user for Structural, you are prompted to confirm the additional permissions that are granted to the connected application.

3. After you authenticate, to test the connection, click Test Source Connection.

Connecting to the destination data

Before you can configure the destination connection, you must create the connection in Salesforce.

The destination connection must be either a sandbox org or a scratch org. However, the destination connection can only be a scratch org if the source connection is also a scratch org.

The destination connection must be a separate org from the source connection.

Providing the connected application keys

To connect to the Salesforce application, Structural requires a consumer key and a consumer secret.

If the TONIC_SALESFORCE_CONSUMER_KEY and TONIC_SALESFORCE_CONSUMER_SECRET environment settings are not configured, for example in Structural Cloud, then under Destination Settings, the Connected App Credentials panel is displayed.

To use the same key and secret that you provided under Source Settings, click Copy Settings from Source.

Otherwise:

1. In the Consumer Key field, provide the consumer key value.

2. In the Consumer Secret field, provide the consumer secret value.

Providing and testing the server path

Under Destination Settings, to connect to the destination connection:

1. In the Server field, type the path to the destination connection server.

2. Click Authenticate with Salesforce. Structural sends you to Salesforce to authenticate to the destination connection.

3. After you authenticate, to test the connection, click Test Destination Connection.

De-identifying Salesforce users in the destination data

If Scramble Specific Users’ Data is enabled for the destination org, then you can configure the workspace to de-identify Salesforce users in the destination data.

To de-identify Salesforce users, toggle De-identify Salesforce Users to the on position.

Excluding users from de-identification

Salesforce automatically excludes from de-identification specific internal users and users that have specific roles.

To exclude other users from de-identification, in the Excluded usernames field, type a comma-separated list of the users to exclude.

Salesforce internal users that cannot be de-identified

The following internal users are never de-identified:

• Automated User

• Platform Integration User

• Analytics Cloud Integration User

• Analytics Cloud Security User

• Sales Insights Integration User

• Structural user

Salesforce roles for which users cannot be de-identified

Users who have the following roles cannot be de-identified. If you need to de-identify a user that has one of these roles, then before you run data generation, you must assign a different user to the role.