Newer Version Available
Set Up OAuth in the AWS Lambda Function
These instructions describe how to set up OAuth on your Amazon Connect
instance.
Before you start, open a text file so you can copy some parameter values.
- Log in to AWS Console > Lambda > Functions. Log in with your root user email which you used to create a contact center during Service Cloud Voice setup. If this is your first login, reset your password.
- Select the {Your Contact Center Name}-InvokeSalesforceRestApiFunction Lambda function.
-
Click the Configuration tab and scroll down to Environment
variables. Some of the variables are already configured for your instance,
but you have to set the values for CONSUMER_KEY_PARAM_NAME, PRIVATE_KEY_PARAM_NAME, and SUBJECT.

- Copy the values for the CONSUMER_KEY_PARAM_NAME, PRIVATE_KEY_PARAM_NAME parameters and paste them into a text file. These values are the names of the SSM parameters that hold the actual credentials.
-
For the SUBJECT variable, enter the Salesforce
username of the user you want to log in to Salesforce through the Lambda function. The
user must have access to the objects that the Lambda function will be executed
on.
In the connected app in Salesforce, check that the user is added to the connected app profile. From Setup in your Salesforce org, go to App Manager. Open the action menu for the connected app, click Manage, and scroll to the bottom of the page to see the profiles. Verify that the Permitted Users value is set to "Admin approved users are pre-authorized" for the desired profile. To learn more about OAuth access policies, see Manage OAuth Access Policies for a Connected App.
- Click Services > enter SSM in the search box > Systems Manager.
- Scroll down to the Parameter Store.
- In the parameter store, search for the CONSUMER_KEY_PARAM_NAME value and the PRIVATE_KEY_PARAM_NAME value that you copied to the text file.
-
For the Consumer Key, update the value by clicking Edit and
pasting the value of the consumer key from the connected app into the
Value field.


- Save your changes.
-
Update the value of the private key by clicking Edit and pasting the private key into
the Value field. For the private key, you need the key that you previously used to sign the self-signed
certificate. By default, this key is stored locally to a file named server.key.
- Save your changes.