Create a Named Credential

A named credential stores your AWS account information and authentication configuration. You use the named credential later to set up the event relay configuration. You can create a named credential in the Salesforce user interface in Setup or with Tooling API.

USER PERMISSIONS NEEDED
To create a named credential:Customize Application
  1. From Setup, in the Quick Find box, enter Named Credentials, and then select Named Credentials.

  2. Expand the dropdown next to New, and then click New Legacy.

  3. Complete the fields.

    • For Label, enter MyRelayNamedCredential.
    • For Name, enter MyRelayNamedCredential.
    • For URL, enter a URL in the format arn:aws:aws_region:aws_account_number. Replace the aws_region placeholder with your AWS region. Replace the aws_account_number placeholder with your 12-digit AWS account ID. The URL is case-sensitive, and aws_region is in capital letters. For example, the URL for an account in the US-WEST-2 region has this format: arn:aws:US-WEST-2:XXXXXXXXXXXX. (XXXXXXXXXXXX is a placeholder for the 12-digit AWS account ID.)
    • For Identity Type, select Named Principal.
    • For Authentication Protocol, keep the default of No Authentication.
    • Keep Generate Authorization Header selected.
  4. Save your changes.

A named credential

If you change the authentication protocol to a protocol that accepts a username, such as Password authentication, include your AWS account ID in the Username field instead of the URL. The format of the URL without the AWS account ID is arn:aws:aws-region. For example: arn:aws:US-WEST-2.

Alternatively, you can create the named credential with Tooling API. This example creates a named credential with no authentication and with the AWS account ID specified in the endpoint URL. The endpoint URL is case-sensitive, and the AWS region is in capital letters.

USER PERMISSIONS NEEDED
To create a named credential:Customize Application
To use REST API:API Enabled
  1. Send a POST request to this URI:

    /services/data/v56.0/tooling/sobjects/NamedCredential/

  2. If you’re using Postman, under Tooling, click Post Tooling SObject, and then replace the placeholder with NamedCredential.

  3. Use this example request body, and replace XXXXXXXXXXXX in the endpoint field with a valid 12-digit AWS account ID.

  4. Send the request. The response received looks similar to this response.

For more information about all the fields in NamedCredential, see NamedCredential in the Tooling API Developer Guide.