Integrating Salesforce with Google SecOps

We are trying to create a new FEED on Google SecOps in order to make an API call to get Salesforce logs. We set all the fields on the Google SecOps FEED, including the following:

API HOSTNAME: https://xxxxxxx.lightning.force.com/
TYPE:OAuth password grant
OAUTH TOKEN ENDPOINT: https://xxxxxxx.my.salesforce.com/services/oauth2/token
SalesforceConsumerKey(OAUTH CLIENT ID):3MVG9XXXXXXXXXXX
SalesforceConsumerSecret(OAUTH CLIENT SECRET):1286XXXXXXXXXXXXXXXXXXXX
SalesforceUser(USERNAME):someuser@somedomain.com
SalesforceConsumerSecret(PASSWORD):somePassw0r5

After activating the FEED we got the following error:
Error: REMOTE_SERVER_REPORTED_BAD_REQUEST
A connection to the source was established, but the source rejected the request.

Does anyone know this error and can help us with it?

I am sure that I am not the first one who's trying to get Salesforce event logs into the Google SecOps SIEM.

Regards


Hi @zwerd, there are a few areas that might help.

First, did you enable Client Credential Flow Policies for External Client Apps? Details: https://help.salesforce.com/s/articleView?language=en_US&id=xcloud.policies_configure_client_credent...

If you did, there are a few OAUTH quirks detailed in the Salesforce article 'OAuth 2.0 Username-Password Flow for Special Scenarios': https://help.salesforce.com/s/articleView?id=xcloud.remoteaccess_oauth_username_password_flow.htm&ty...

You could also try:

  1. Appending the security token at the end of the password
  2. Adding the ?grant_type_password to TokenEndPoint
grant_type=password&
client_id=3MVG9lKcPoNINVBIPJjdw1J9LLM82HnFVVX19KY1uA5mu0QqEWhqKpoW3svG3XHrXDiCQjK1mdgAvhCscA9GE&
client_secret=1955279925675241571&
username=testuser@salesforce.com&
password=mypassword

Please let me know how you get on, good luck!

Hi Chris!

Thank you for your help. Unfortunately, we are still struggling with getting Salesforce's event logs into the Google SecOps SIEM.

We've enabled Client Credential Flow Policies for External Client Apps and we've tried appending "&" at the end of each field, but we still got a "Fail".

The following fields are the ones we've inserted into the FEED config page:

API HOSTNAME: https://xxxxxxx.lightning.force.com/
TYPE:OAuth password grant
OAUTH TOKEN ENDPOINT: https://xxxxxxx.my.salesforce.com/services/oauth2/token?grant_type=password&

SalesforceConsumerKey(OAUTH CLIENT ID):3MVG9XXXXXXXXXXX&
SalesforceConsumerSecret(OAUTH CLIENT SECRET):1286XXXXXXXXXXXXXXXXXXXX&
SalesforceUser(USERNAME):someuser@somedomain.com&
SalesforceConsumerSecret(PASSWORD):somePassw0r5

Do you know what else we can do?

We'll be grateful for that.

Thank you!
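
An added example, not part of the thread and not Google's or Salesforce's code: a Python sketch that builds the username-password token request from the parameter list in the first reply, so it can be tested outside the FEED and the token endpoint's own error body read. The host, credentials and sample error response are constructed placeholders, and the `error`/`error_description` fields assume the standard OAuth 2.0 JSON error format.

```python
import json
import urllib.parse
import urllib.request

def build_token_request(token_url, client_id, client_secret, username,
                        password, security_token=""):
    """Build (not send) the username-password token request.

    Parameters travel in a form-encoded POST body; the security token,
    when the org requires one, is concatenated to the password.
    """
    fields = {
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,
        "username": username,
        "password": password + security_token,
    }
    body = urllib.parse.urlencode(fields).encode("ascii")
    return urllib.request.Request(
        token_url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})

def parse_token_error(raw_body):
    """Return (error, error_description) from a JSON error response body."""
    try:
        doc = json.loads(raw_body)
    except ValueError:
        doc = None
    if not isinstance(doc, dict):
        return ("unparseable", raw_body[:80])
    return (doc.get("error", "unknown"), doc.get("error_description", ""))

# Constructed sample values (assumptions); substitute your own when testing.
TOKEN_URL = "https://example.my.salesforce.com/services/oauth2/token"
req = build_token_request(TOKEN_URL, "CLIENT_ID_PLACEHOLDER",
                          "CLIENT_SECRET_PLACEHOLDER",
                          "someuser@somedomain.com", "examplePass", "TOKEN123")
SAMPLE_400 = '{"error":"invalid_grant","error_description":"authentication failure"}'

if __name__ == "__main__":
    print(req.get_method(), req.full_url)
    print(req.data.decode())
    # A separator typed into a field is encoded as part of the value:
    print(urllib.parse.urlencode({"client_id": "CLIENT_ID_PLACEHOLDER&"}))
    print(parse_token_error(SAMPLE_400))
    # To send: urllib.request.urlopen(req); on HTTPError e, pass e.read().decode()
    # to parse_token_error to see why the endpoint answered 400.
```

Run it from a host that is allowed to reach the org, and keep real secrets out of shell history and logs.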