Salesforce initial setup
For initial load, see Salesforce Reader initial setup.
For continuous real-time replication, see Salesforce CDC Reader initial setup.
For continuous incremental replication, see Salesforce Reader initial setup.
The following discussions of networking and security apply to both initial load and either approach to continuous replication.
Networking setup
You need to establish proper network connectivity between your Striim environment and Salesforce. This involves configuring network access, firewall rules, and connection parameters to ensure reliable communication.
Ensure that the Striim server can connect to your Salesforce instance on the correct port (typically 3306).
Also consider network latency and bandwidth requirements, especially for high-volume CDC scenarios. For optimal performance, minimize the network latency between Striim and Salesforce.
Security
Security configuration for Salesforce integration involves multiple layers, including authentication, authorization, network security, and data protection measures.
You must implement proper authentication mechanisms between Striim and Salesforce. This includes creating dedicated database users with minimal required privileges following the principle of least privilege. You should avoid using administrative accounts and instead create specific users for Striim operations with only the necessary permissions for the tables and operations required.
You should implement access control at multiple levels, including database-level permissions, schema-level access controls, and table-level privileges. You should regularly review and audit the permissions granted to Striim users and implement proper password policies and rotation procedures for service accounts.
API Access Control requirements
If the Striim OAuth app is not installed in your Salesforce environment, users must have the Use Any API Client permission enabled in Salesforce's API Access Control settings to authorize the connection. Without this permission, OAuth authentication fails.
To enable this permission:
In Salesforce Setup, navigate to Users > Permission Sets or Profiles.
Select the permission set or profile assigned to the user connecting from Striim.
Enable the Use Any API Client permission under Administrative Permissions.
For more information, see API Access Control in the Salesforce documentation.