> ## Documentation Index
> Fetch the complete documentation index at: https://infisical.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.
# Create
> Create a Salesforce OAuth Credentials Rotation for the specified project.
Check out the configuration docs for [Salesforce OAuth Credentials Rotations](/documentation/platform/secret-rotation/salesforce-oauth-credentials) to learn how to obtain the required parameters.
Creates a Salesforce OAuth Credentials secret rotation. Infisical will rotate the consumer secret of the specified External Client App via your [Salesforce connection](/integrations/app-connections/salesforce) and write the rotated consumer key/secret pair to the specified secret path.
## Request body
| Field | Type | Required | Description |
| ------------------------------- | ------------- | -------- | -------------------------------------------------------------------------------------------------------- |
| `name` | string | Yes | A unique, slug-friendly name for the rotation (max 100 characters). |
| `projectId` | string (UUID) | Yes | The project ID. |
| `connectionId` | string (UUID) | Yes | ID of the Salesforce app connection. |
| `environment` | string | Yes | Environment slug (e.g. `dev`, `prod`). |
| `secretPath` | string | Yes | Path where the generated secrets will be stored. |
| `isAutoRotationEnabled` | boolean | No | Whether to rotate automatically on the schedule. Defaults to `true`. |
| `rotationInterval` | number | Yes | Days between rotations (minimum `1`). |
| `rotateAtUtc` | object | No | Time of day (UTC) to run rotation: `{ "hours", "minutes" }`. Defaults to `{ "hours": 0, "minutes": 0 }`. |
| `parameters.appId` | string | Yes | The identifier of the Salesforce External Client App to rotate the consumer secret for. |
| `parameters.appName` | string | Yes | The developer name of the Salesforce External Client App to rotate the consumer secret for. |
| `secretsMapping.consumerKey` | string | Yes | Secret key name to store the rotated consumer key (e.g. `SALESFORCE_CONSUMER_KEY`). |
| `secretsMapping.consumerSecret` | string | Yes | Secret key name to store the rotated consumer secret (e.g. `SALESFORCE_CONSUMER_SECRET`). |
| `description` | string | No | Optional description. |
## Sample request
```bash theme={"dark"}
curl --request POST \
--url https://us.infisical.com/api/v2/secret-rotations/salesforce-oauth-credentials \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ' \
--data '{
"name": "my-salesforce-rotation",
"projectId": "",
"description": "Salesforce ECA consumer secret rotation",
"connectionId": "",
"environment": "dev",
"secretPath": "/",
"isAutoRotationEnabled": true,
"rotationInterval": 30,
"rotateAtUtc": { "hours": 0, "minutes": 0 },
"parameters": {
"appId": "",
"appName": ""
},
"secretsMapping": {
"consumerKey": "SALESFORCE_CONSUMER_KEY",
"consumerSecret": "SALESFORCE_CONSUMER_SECRET"
}
}'
```
## Sample response
```json theme={"dark"}
{
"secretRotation": {
"id": "",
"name": "my-salesforce-rotation",
"description": "Salesforce ECA consumer secret rotation",
"secretsMapping": {
"consumerKey": "SALESFORCE_CONSUMER_KEY",
"consumerSecret": "SALESFORCE_CONSUMER_SECRET"
},
"isAutoRotationEnabled": true,
"activeIndex": 0,
"connectionId": "",
"rotationInterval": 30,
"rotateAtUtc": { "hours": 0, "minutes": 0 },
"type": "salesforce-oauth-credentials",
"parameters": {
"appId": "",
"appName": ""
}
}
}
```
## OpenAPI
````yaml POST /api/v2/secret-rotations/salesforce-oauth-credentials
openapi: 3.0.3
info:
title: Infisical API
description: List of all available APIs that can be consumed
version: 0.0.1
servers:
- url: https://us.infisical.com
description: Production server (US)
- url: https://eu.infisical.com
description: Production server (EU)
- url: http://localhost:8080
description: Local server
security: []
paths:
/api/v2/secret-rotations/salesforce-oauth-credentials:
post:
tags:
- Secret Rotations
description: >-
Create a Salesforce OAuth Credentials Rotation for the specified
project.
operationId: createSalesforceOAuthCredentialsRotation
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
name:
type: string
minLength: 1
maxLength: 64
description: >-
The name of the Salesforce OAuth Credentials Rotation to
create. Must be slug-friendly.
projectId:
type: string
minLength: 1
description: The ID of the project to create the rotation in.
description:
type: string
maxLength: 256
nullable: true
description: >-
An optional description for the Salesforce OAuth Credentials
Rotation.
connectionId:
type: string
format: uuid
description: The ID of the Salesforce Connection to use for rotation.
environment:
type: string
minLength: 1
maxLength: 64
description: >-
The slug of the project environment to create the rotation
in.
secretPath:
type: string
minLength: 1
description: The secret path of the project to create the rotation in.
isAutoRotationEnabled:
type: boolean
default: true
description: >-
Whether secrets should be automatically rotated when the
specified rotation interval has elapsed.
rotationInterval:
type: number
minimum: 1
description: The interval, in days, to automatically rotate secrets.
rotateAtUtc:
type: object
properties:
hours:
type: number
minimum: 0
maximum: 23
minutes:
type: number
minimum: 0
maximum: 59
required:
- hours
- minutes
additionalProperties: false
description: >-
The hours and minutes rotation should occur at in UTC.
Defaults to Midnight (00:00) UTC.
parameters:
type: object
properties:
appId:
type: string
minLength: 1
description: >-
The identifier of the Salesforce External Client App to
rotate the consumer secret for.
appName:
type: string
minLength: 1
description: >-
The developer name of the Salesforce External Client App
to rotate the consumer secret for.
required:
- appId
- appName
additionalProperties: false
secretsMapping:
type: object
properties:
consumerKey:
type: string
minLength: 1
description: >-
The name of the secret that the rotated Salesforce
consumer key will be mapped to.
consumerSecret:
type: string
minLength: 1
description: >-
The name of the secret that the rotated Salesforce
consumer secret will be mapped to.
required:
- consumerKey
- consumerSecret
additionalProperties: false
required:
- name
- projectId
- connectionId
- environment
- secretPath
- rotationInterval
- parameters
- secretsMapping
additionalProperties: false
responses:
'200':
description: Default Response
content:
application/json:
schema:
type: object
properties:
secretRotation:
type: object
properties:
id:
type: string
format: uuid
name:
type: string
description:
type: string
nullable: true
isAutoRotationEnabled:
type: boolean
default: true
activeIndex:
type: number
default: 0
folderId:
type: string
format: uuid
connectionId:
type: string
format: uuid
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
rotationInterval:
type: number
rotationStatus:
type: string
lastRotationAttemptedAt:
type: string
format: date-time
lastRotatedAt:
type: string
format: date-time
lastRotationJobId:
type: string
nullable: true
nextRotationAt:
type: string
format: date-time
nullable: true
isLastRotationManual:
type: boolean
default: true
connection:
type: object
properties:
app:
type: string
enum:
- salesforce
name:
type: string
id:
type: string
format: uuid
required:
- app
- name
- id
additionalProperties: false
environment:
type: object
properties:
slug:
type: string
name:
type: string
id:
type: string
format: uuid
required:
- slug
- name
- id
additionalProperties: false
projectId:
type: string
folder:
type: object
properties:
id:
type: string
path:
type: string
required:
- id
- path
additionalProperties: false
rotateAtUtc:
type: object
properties:
hours:
type: number
minimum: 0
maximum: 23
minutes:
type: number
minimum: 0
maximum: 59
required:
- hours
- minutes
additionalProperties: false
lastRotationMessage:
type: string
nullable: true
type:
type: string
enum:
- salesforce-oauth-credentials
parameters:
type: object
properties:
appId:
type: string
minLength: 1
description: >-
The identifier of the Salesforce External Client
App to rotate the consumer secret for.
appName:
type: string
minLength: 1
description: >-
The developer name of the Salesforce External
Client App to rotate the consumer secret for.
required:
- appId
- appName
additionalProperties: false
secretsMapping:
type: object
properties:
consumerKey:
type: string
minLength: 1
description: >-
The name of the secret that the rotated Salesforce
consumer key will be mapped to.
consumerSecret:
type: string
minLength: 1
description: >-
The name of the secret that the rotated Salesforce
consumer secret will be mapped to.
required:
- consumerKey
- consumerSecret
additionalProperties: false
required:
- id
- name
- folderId
- connectionId
- createdAt
- updatedAt
- rotationInterval
- rotationStatus
- lastRotationAttemptedAt
- lastRotatedAt
- connection
- environment
- projectId
- folder
- rotateAtUtc
- type
- parameters
- secretsMapping
additionalProperties: false
required:
- secretRotation
additionalProperties: false
'400':
description: Default Response
content:
application/json:
schema:
type: object
properties:
reqId:
type: string
statusCode:
type: number
enum:
- 400
message:
type: string
error:
type: string
details: {}
required:
- reqId
- statusCode
- message
- error
additionalProperties: false
'401':
description: Default Response
content:
application/json:
schema:
type: object
properties:
reqId:
type: string
statusCode:
type: number
enum:
- 401
message:
type: string
error:
type: string
required:
- reqId
- statusCode
- message
- error
additionalProperties: false
'403':
description: Default Response
content:
application/json:
schema:
type: object
properties:
reqId:
type: string
statusCode:
type: number
enum:
- 403
message:
type: string
details: {}
error:
type: string
required:
- reqId
- statusCode
- message
- error
additionalProperties: false
'404':
description: Default Response
content:
application/json:
schema:
type: object
properties:
reqId:
type: string
statusCode:
type: number
enum:
- 404
message:
type: string
error:
type: string
required:
- reqId
- statusCode
- message
- error
additionalProperties: false
'422':
description: Default Response
content:
application/json:
schema:
type: object
properties:
reqId:
type: string
statusCode:
type: number
enum:
- 422
message: {}
error:
type: string
required:
- reqId
- statusCode
- error
additionalProperties: false
'500':
description: Default Response
content:
application/json:
schema:
type: object
properties:
reqId:
type: string
statusCode:
type: number
enum:
- 500
message:
type: string
error:
type: string
required:
- reqId
- statusCode
- message
- error
additionalProperties: false
````