Create an API Destination and Connection in EventBridge

Create an API destination that uses a new connection. In this case, the API destination is a REST API call to Salesforce to publish a platform event back. The connection contains the authentication information for the API call. The connection accepts several authorization methods. If you choose OAuth authorization, provide information from the connected app that you just created.

To create an API destination in the EventBridge console, follow the steps in Create an API destination, and set up these configurations that are specific to Salesforce.

  1. Get your Salesforce org’s My Domain name, which is on the My Domain page in Setup. You use the name in the endpoint in the next step.

  2. Define a custom platform event for the event that you want to send to Salesforce. For example, create a platform event with the label "Carbon Estimate" (API name Carbon_Estimate__e). You can follow the steps to add the same fields as the Carbon Comparison event in Define a Platform Event, and add this field.

    • Field type: Number (3,0), Label: Carbon Reduction Percentage
  3. For API destination endpoint, use this URL after replacing {MyDomainName} with your org’s domain name and {MyEvent__e} with the API name of the platform event to return: https://{MyDomainName}.my.salesforce.com/services/data/v56.0/sobjects/{MyEvent__e}

    For example, for the Carbon Estimate event, the URL is: https://{MyDomainName}.my.salesforce.com/services/data/v56.0/sobjects/Carbon_Estimate__e

  4. For HTTP method, select POST.

  5. For the connection, select Create a new connection, and enter a connection name.

  6. For Destination type, select Partners, and then select Salesforce from Partner Destinations.

    If you’re setting up OAuth authorization, provide this information for your Salesforce org.

  7. For Authorization type, make sure that OAuth Client Credentials is selected.

  8. For Authorization endpoint, it’s more secure to use an endpoint containing the domain name because sometimes the login endpoint can be blocked by the administrator. Replace the populated endpoint with one of these options.

    • If using a production org, enter this URL, and replace {MyDomainName} with your org’s My Domain name: https://{MyDomainName}.my.salesforce.com/services/oauth2/token
    • If using a sandbox without enhanced domains, enter this URL, and replace {MyDomainName} with your org’s My Domain name and {SandboxName} with your sandbox name: https://{MyDomainName--SandboxName}.my.salesforce.com/services/oauth2/token
    • If using a sandbox with enhanced domains, enter this URL, and replace {MyDomainName} with your org’s My Domain name and {SandboxName} with your sandbox name: https://{MyDomainName--SandboxName}.sandbox.my.salesforce.com/services/oauth2/token
  9. For HTTP method, select POST.

  10. For Client ID, enter the consumer key from the connected app in Salesforce.

  11. For Client secret, enter the consumer secret from the connected app in Salesforce.

  12. Add OAuth HTTP parameters.

    • Parameter: Body field, Key: grant_type, Value: password
    • Parameter: Body field, Key: username, Value: {Your_Salesforce_Username}
    • For the password parameter value, get your security token first. For more information about getting your security token, see Reset Your Security Token in Salesforce Help.
    • For the password value, append the security token to your password. Parameter: Secret body field, Key: password, Value: {Your_Salesforce_password_with_Security_Token_Appended}

If your Salesforce org uses multi-factor authentication (MFA) for API access, users must complete a second authentication challenge to access Salesforce APIs. For more information, see Set Multi-Factor Authentication Login Requirements for API Access in Salesforce Help.