Salesforce Reports
This article outlines the integration with the Salesforce Reports connector, enabling streamlined metadata management through features such as crawling and lineage building (Auto and Manual). It also ensures secure authentication via Credential Manager.
Overview
Connector Details
Connector Category
Reporting Tools
Connector Version
Release6.3.x
Releases Supported (Available from)
Release5.x
Connectivity
[How the connection is established with Salesforce Reports]
REST APIs
Verified Salesforce Reports Version
64
Connector Features
Crawling
✅
Profiling
NA
Query Sheet
NA
Report Preview
❌
Auto Lineage
✅
Manual Lineage
✅
Secure Authentication via Credential Manager
✅
Data Quality
NA
DAM (Data Access Management)
❌
Bridge
✅
Metadata Mapping
The following objects are crawled from Salesforce Reports and mapped to the corresponding UI assets.
Report Group
Default
Report Group
Report Group
Report Group
Reports
Value
Report Name
Reports
-
Reports
Report Description
Source Description
Description
-
Reports
Report Type
Type
Reports
-
Set up a Connection
Prerequisites
The prerequisites to establish a connection:
Service Account User Permissions
It is recommended to use a separate service account to establish the connection to the data source, configured with the following minimum set of permissions.
Connector Validation
API Enabled
Crawling
Read + API Enabled
Lineage
Read + API Enabled
Connection Configuration Steps
Users must have the Connector Creator role to configure a new connection.
Log into OvalEdge, go to Administration > Connectors, click + (New Connector), search for Salesforce Reports, and enter the required parameters.
Connector Type
By default, "Salesforcereports" is displayed as the selected connector type.
Credential Manager*
Select the desired credentials manager from the drop-down list. Relevant parameters will be displayed based on the selection.
Supported Credential Managers:
OE Credential Manager
AWS Secrets Manager
HashiCorp
Azure Key Vault
License Add-On
Auto Lineage
Supported
Data Quality
Not Supported
Data Access
Not Supported
Select the Auto Lineage Add-On checkbox to build data lineage automatically.
Connector Name*
Enter a unique name for the Salesforce Reports connection
(Example: "Salesforcereports_Prod").
Authentication Type
The following two types of authentication are supported for Salesforce Reports Server:
Token Based
JSON Web Token (JWT)
Connector Description
Enter the description related to the connector.
Extended Validation(Y/N)
Set to Y to enable extended validation or N to perform standard validation only.
Connector Environment
Select the environment (Example: PROD, STG) configured for the connector.
Username*
Enter the Salesforce Reports account username associated with the connected Salesforce organization.
Password*
Enter the password associated with the Salesforce Reports account username.
Client id*
Enter the unique Consumer Key generated from the connected app in Salesforce.
Client secret*
Enter the client secret generated during the Salesforce connected app creation.
Security Token
Enter the Salesforce Security Token associated with the account used for integration.
Is SANDBOX ?*
The Sandbox drop-down list allows either Yes or No selection.
Enter Yes or No (to specify whether the instance is a sandbox or not)
API Version*
Enter the Salesforce API version number that the connector should use to communicate with the Salesforce instance.
Proxy Enabled*
Select Yes to route the connection through a configured proxy, or No to connect directly without a proxy.
Connector Description
Enter the description related to the connector.
Extended Validation(Y/N)
Set to Y to enable extended validation or N to perform standard validation only.
Connector Environment
Select the environment (Example: PROD, STG) configured for the connector.
Username*
Enter the Salesforce Reports account username associated with the connected Salesforce organization.
Password*
Enter the password associated with the Salesforce Reports account username.
Client id*
Enter the unique Consumer Key generated from the connected app in Salesforce.
Client secret*
Enter the client secret generated during the Salesforce connected app creation.
Security Token
Enter the Salesforce Security Token associated with the account used for integration.
Is SANDBOX ?*
The Sandbox drop-down list allows either Yes or No selection.
Enter Yes or No (to specify whether the instance is a sandbox or not)
API Version*
Enter the Salesforce API version number that the connector should use to communicate with the Salesforce instance.
Keystore password*
Enter the password that was set when creating the keystore containing the private key.
Alias name*
Enter a unique identifier for the Salesforce Reports connection in the Alias name field.
Keystore file path*
Enter the full file path of the keystore (.jks) file containing the private key used for JWT authentication.
Proxy Enabled*
Select Yes to route the connection through a configured proxy, or No to connect directly without a proxy.
Default Governance Roles
Default Governance Roles*
Select the appropriate users or teams for each governance role from the drop-down list. All users and teams configured in OvalEdge Security are displayed for selection.
Admin Roles
Admin Roles*
Select one or more users from the dropdown list for Integration Admin and Security & Governance Admin. All users configured in OvalEdge Security are available for selection.
No of Archive Objects
No Of Archive Objects*
This shows the number of recent metadata changes to a dataset at the source. By default, it is off. To enable it, toggle the Archive button and specify the number of objects to archive.
Example: Setting it to 4 retrieves the last four changes, displayed in the 'Version' column of the 'Metadata Changes' module.
Bridge
Select Bridge*
If applicable, select the bridge from the drop-down list.
The drop-down list displays all active bridges configured in OvalEdge. These bridges enable communication between data sources and OvalEdge without altering firewall rules.
After entering all connection details, the following actions can be performed:
Click Validate to verify the connection.
Click Save to store the connection for future use.
Click Save & Configure to apply additional settings before saving.
The saved connection will appear on the Connectors home page.
Manage Connector Operations
Crawl
To perform crawl operations, users must be assigned the Integration Admin role.
The Crawl/Profile button allows users to select one or more schemas for crawling.
Navigate to the Connectors page and click Crawl/Profile.
Select the schemas to crawl.
Click Run to collect metadata from the connected source and load it into the Data Catalog.
After a successful crawl, the information appears in the Data Catalog > Report / Report Column tab.
The Schedule checkbox allows automated crawling for a selected timeframe, from a minute to a year.
Click the Schedule checkbox to enable the Select Period drop-down.
Select a time period for the operation from the drop-down menu.
Click Schedule to initiate metadata collection from the connected source.
The system will automatically execute the crawl operation at the scheduled time.
Other Operations
The Connectors page provides a centralized view of all configured connectors and their health status.
Managing connectors includes:
Connectors Health: Displays the current status of each connector, with a green icon for active connections and a red icon for inactive connections, helping monitor connectivity to data sources.
Viewing: Click the Eye icon next to the connector name to view connector details, including Report Groups and Reports.
Nine Dots Menu Options:
To view, edit, validate, build lineage, configure, or delete connectors, click on the Nine Dots menu.
Edit Connector: Update and revalidate the data source.
Validate Connector: Check the integrity of the connection.
Settings: Modify connector settings.
Crawler: Configure data extraction.
Access Instructions: Add notes on how data can be accessed.
Business Glossary Settings: Manage term associations at the connector level.
Lineage: Select server dialects for parsing and setting connector priority for table lineage.
Others: Configure notification recipients for metadata changes.
Build Lineage: Automatically build data lineage using source code parsing.
Delete Connector: Remove a connector with confirmation.
Connectivity Troubleshooting
If incorrect parameters are entered, error messages may appear. Ensure all inputs are accurate to resolve these issues. If issues persist, contact the assigned support team.
1
Error while validating SALESFORCEREPORTS connection | Root cause: 400 Bad Request on POST request for "https://test.salesforce.com/services/oauth2/token": "{"error":"invalid_grant","error_description":"authentication failure"}"
Error Description: The connection validation failed because Salesforce rejected the authentication request with an “invalid_grant” error, indicating that the JWT credentials are incorrect or expired.
Resolution: Verify the connected app settings, JWT certificate, and credentials (client ID, username, and private key). Re-generate and re-authorize the JWT token if necessary.
Copyright © 2025, OvalEdge LLC, Peachtree Corners, GA, USA.
Last updated
Was this helpful?