When integrating your Salesforce with Zoom to sync deal progress with Zoom Revenue Accelerator, you will be asked for the JWT from your Salesforce account. In generating the token, you must follow this guide in the order listed.

This article contains:

• How to create a private key and self-signed digital certificate
  • macOS
  • Windows
• How to generate the Salesforce JWT
  • Create a connected app in Salesforce
  • Edit the App Policy
  • Grant app access to system administrator
  • Generate the JWT
  • (Optional) Validate the token

Prerequisites for generating Salesforce JWT for Zoom Revenue Accelerator

• Pro, Business, Enterprise, or Zoom Phone standalone account

• Licensed user with Zoom Revenue Accelerator license

• Salesforce account with admin access

How to create a private key and self-signed digital certificate

Select your platform to view the instructions on how to create a private key and a self-signed digital certificate. This is the first step in successfully generating a Salesforce JWT.

How to generate the Salesforce JWT

After creating a private key and a self-signed digital certificate, follow these steps in the order listed.

Create a connected app in Salesforce

1. Sign in to Salesforce as admin.
2. Click on the  icon, then click Setup.
3. In the navigation panel, click Apps, then App Manager.
4. Click New Connected App.
5. In the Basic Information section, enter your Connected App Name, API Name, and Contact Email.
6. In the API (Enable OAuth Settings) section, select Enable OAuth Settings.
7. In the Callback URL field, enter https://login.salesforce.com

8. Select Use digital signatures then click Choose File.

9. Open the JWT directory you have created then select server.crt.

10. In the Selected OAuth Scopes, add the following:
    • Access unique user identifiers (openid)
    • Full access (full)
    • Manage user data via Web browsers (web)
    • Perform requests at any time (refresh_token, offline_access)
      
      

11. Click Save.

12. When a dialog box appears saying changes will take up to 10 minutes to take effect, click Continue.

Note: Once the page loads, you should see a Consumer Key. Click Copy and paste it on a notepad. This will be used when generating the JWT. In cases where the Consumer Key does not appear, click Manage Consumer Details. You will be asked to verify your identity through a verification code sent to your email before it displays your Consumer Key.

Edit the App Policy

1. In the Salesforce admin account set up page navigation panel, click App then Connected Apps, and then Manage Connected Apps.
2. Click Edit beside the app you created.
3. In the OAuth Policies section, set Permitted Users to Admin approved users are pre-authorized.
   Click OK if a dialog box appears.
4. Set IP Relaxation to Enforce IP restrictions, and Refresh Token Policy to Refresh token is valid until revoked.
   
5. Click Save

Grant app access to system administrator

1. In the Salesforce admin account set up page navigation panel, click Users then Profiles.
2. From the list of Profiles, select System Administrator then click Edit.
3. In the Connected App Access section, select the app name you have created then click Save.

Generate the JWT

1. Open your browser then access  https://jwt.io/
2. In the Algorithm drop-down, click RS256.
   This will reflect in the HEADER section (from "alg": "HS256", to "alg": "RS256",)
3. In the PAYLOAD section, change the data:
   
   • • from "sub": "1234567890", to "iss": "consumerKey",
       Note: You must complete Creating a connected app in Salesforce to have a Consumer Key. You can get the Consumer Key when you:
   1. 1. 1. 1. Sign in to Salesforce as admin.
            2. Click on the icon, then click Setup.
            3. In the navigation panel, click Apps, then App Manager
            4. Find the app you created, click the drop-down arrow then click View.
            5. In the API (Enable OAuth Settings) section, Copy the Consumer Key.
   • • from "name": "John Doe", to "sub": "username",
       Note: username refers to the Salesforce admin account username.
     • from "admin": true, to "aud": "https://login.salesforce.com",

   Note: aud refers to the Callback URL. You can get the Callback URL when you:

   1. 1. 1. Sign in to Salesforce as admin.
         2. Click on the  icon, then click Setup.
         3. In the navigation panel, click Apps, then App Manager
         4. Find the app you created, click the drop-down arrow then click View.
         5. In the API (Enable OAuth Settings) section, you will find the Callback URL
   • • from "iat": 1516239022 to "exp": 1698325095
       Note: 1698325095 pertains to Thu Oct 26 2023 20:58:15 GMT+0800.
       You can set your own expiration date based on your corporate policies.
       
       
4. In the VERIFY SIGNATURE section, clear both the Public Key field and the Private Key field.
5. Open the JWT directory you have created when you complete How to create a private key and self-signed digital certificate.
6. Select and right-click on server.key, then click Open with, and then select TextEdit (if you are on macOS) or Notepad (if you are on Windows).
7. Copy all the text from the server.key file, then go back to https://jwt.io/ 
8. In the VERIFY SIGNATURE section, paste it into the Private key field.
9. Copy the entire text in the Encoded section.
   This is the jwt token that you need to use when integrating your Salesforce with Zoom Revenue Accelerator to sync deal progress.

(Optional) Validate the token

To validate the token, open a browser and enter
https://login.salesforce.com/services/oauth2/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=${your jwt token}

If your token is not valid, you will see a response that says <error>invalid_grant</error>.