Create an API Destination and Connection in EventBridge

Create an API destination that uses a new connection. In this case, the API destination is a REST API call to Salesforce to publish a platform event back. The connection contains the authentication information for the API call. The connection accepts several authorization methods.


If you use OAuth authorization for the API destination connection, create a connected app in Salesforce by following the steps in Create a Connected App in Salesforce for OAuth. You use the consumer key and secret from the connected app for the API destination connection.

To create an API destination in the EventBridge console, follow the steps in Create an API destination, and set up these configurations that are specific to Salesforce.

  1. Get your Salesforce org’s My Domain name, which is on the My Domain page in Setup. You use the name in the endpoint in the next step.

  2. For the event that you want to send to Salesforce, use an existing custom platform event or define a new one. For example, create a platform event with the label Carbon Estimate (API name Carbon_Estimate__e). To learn how to add fields to a platform event, see Define a Platform Event. Add the same fields as the ones in the Carbon Comparison event. Also, add this field.

    • Field type: Number (3,0), Label: Carbon Reduction Percentage
  3. For API destination endpoint, use this URL after replacing {MyDomainName} with your org’s domain name and {MyEvent__e} with the API name of the platform event to return: https://{MyDomainName}{MyEvent__e}

    For example, for the Carbon Estimate event, the URL is: https://{MyDomainName}

  4. For HTTP method, select POST.

  5. For the connection, select Create a new connection, and enter a connection name.

  6. For Destination type, select Partners, and then select Salesforce from Partner Destinations.

    If you’re setting up OAuth authorization, provide this information for your Salesforce org.

  7. For Authorization type, make sure that OAuth Client Credentials is selected.

  8. For Authorization endpoint, it’s more secure to use an endpoint containing the domain name because sometimes the login endpoint can be blocked by the administrator. Replace the populated endpoint with one of these options.

    • If using a production org, enter this URL, and replace {MyDomainName} with your org’s My Domain name: https://{MyDomainName}
    • If using a sandbox without enhanced domains, enter this URL, and replace {MyDomainName} with your org’s My Domain name and {SandboxName} with your sandbox name: https://{MyDomainName--SandboxName}
    • If using a sandbox with enhanced domains, enter this URL, and replace {MyDomainName} with your org’s My Domain name and {SandboxName} with your sandbox name: https://{MyDomainName--SandboxName}
  9. For HTTP method, select POST.

  10. For Client ID, enter the consumer key from the connected app in Salesforce.

  11. For Client secret, enter the consumer secret from the connected app in Salesforce.

  12. Add OAuth HTTP parameters.

    • Parameter: Body field, Key: grant_type, Value: password
    • Parameter: Body field, Key: username, Value: {Your_Salesforce_Username}
    • For the password parameter value, get your security token first. For more information about getting your security token, see Reset Your Security Token in Salesforce Help. If you don't find the option to reset your security token, see Unable to see the Reset Security Token option.
    • For the password value, append the security token to your password. Parameter: Secret body field, Key: password, Value: {Your_Salesforce_password_with_Security_Token_Appended}

If your Salesforce org uses multi-factor authentication (MFA) for API access, users must complete a second authentication challenge to access Salesforce APIs. For more information, see Set Multi-Factor Authentication Login Requirements for API Access in Salesforce Help.