DCG Connected App Setup
This topic guides you through the creation of a Salesforce Connected Application to be used by the Digital Commerce Gateway (also known as DCG application, formerly known as Vlocity Digital Commerce Tier - VDCT).
The documentation in this section applies only to customers who have purchased the Digital Commerce Gateway license. The instructions provided don't work without the Digital Commerce Gateway license.
The DCG Connected App Setup process is required during these events:
-
Initial DCG setup.
-
Integration of an existing DCG environment with a different Salesforce organization.
-
Re-integration after a sandbox refresh where the connected application must be recreated.
To create the connected application, you must have an admin account within the Salesforce organization. The callback URL to configure in the connected application will differ depending on the type of Salesforce instance used (test or standard),
-
For sandbox / test instances: https://test.salesforce.com/services/oauth2/success
-
For production / standard instances: https://login.salesforce.com/services/oauth2/success
The DCG application relies on the OAuth2.0 JWT Bearer Token authentication flow which requires a private key and certificate to work. Vlocity creates them and provides you with the public certificate to add to the connected application at a later stage. You do not need this certificate to create the connected application.
DCG requires a dedicated user who is authorized to use the connected application. The user must be assigned to a Profile with sufficient permissions for the DCG application to work. The “System Administrator” profile is the recommended one for DCG; however, its permissiveness is generally not recommended for production environments.
To create the connected application, see Create a Connected App.
After you reach the application creation page, configure it as follows:
-
Provide a name for the application similar to: “Digital Commerce Application - {ENV}” (replacing {ENV} with the appropriate environment name / nickname).
-
Provide an email address where you can receive notifications related to the connected application.
-
Check Enable OAuth settings.
-
Fill in the Callback URL (refer to the Prerequisites section above for possible values).
-
For now, skip setting Use digital signatures until after setup when Vlocity has sent you the connected application certificate.
-
Add the following Oauth Scopes (or permissions) to the Selected Oauth Scopes:
-
API
-
refresh_token, offline_access
-
For example:
DCG requires a user who is authorized to use the connected application. This user must be assigned to a Profile with sufficient permissions for the DCG application to work. The “System Administrator” profile is the most commonly used.
Update the ticket with the following required information from the Connected Application:
-
The Salesforce username authorized in the application
-
The Connected Application API Oauth Consumer Key
It is not necessary to send either the Salesforce password for the username or the Connected Application API Oauth Consumer Secret.
After Salesforce has finalized the creation of your environment and has sent you the public certificate, proceed with the post-setup instructions here.
The public certificate may be sent to you in PEM or DER format. Both are accepted by Salesforce Connected Applications. When the certificate is nearing expiration, a new one is generated and provided to you by Salesforce.
To add or replace the certificate, follow these steps:
-
Log in to the Salesforce Org and navigate to Setup
-
Navigate to Menu > Create > Apps > Connected Apps.
-
Locate the app you created for this environment.
-
Click on the Edit link for your App
-
Locate and check the setting Use digital signatures in the API section.
-
Click Browse… and upload the public certificate file you received from Salesforce.
-
Click Save.
You can display the certificate’s properties using the following command (subject, issuer and expiration date):