# How to Login as a Connected Application

To connect to Salesforce using the [OAUTH JWT flow](https://help.salesforce.com/articleView?id=remoteaccess_oauth_jwt_flow.htm\&type=5), CopyStorm can be configured with:

1. The OAUTH Consumer Key and Certificate.
2. The username and endpoint for the Salesforce instance.

JWT Authentication can be enabled in Salesforce by following [this tutorial](https://trailhead.salesforce.com/en/content/learn/modules/connected-app-basics/connected-app-basics-api-integration). The overall process is to:

1. Create a Connected Application.
2. Configure Mutual Authentication, including a Digital Signature and appropriate OAuth Scopes.
3. Update the Connected Application Policies to allow appropriate users to login to Salesforce.

OAUTH logins can be enabled in CopyStorm by going to the Advanced Parameters dialog on the Main tab:

![](/files/5xAejPnuP4Z3q6qCDDMM)

After selecting the Oauth 2.0 JWT login type, provide the credentials needed to authenticate with Salesforce:

![](/files/hRE6ZQs5wBEOs6CjFNuf)

## OAuth Connection Parameters

| Parameter Name           | Default Setting | Required | Description                                                                                                                           |
| ------------------------ | --------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| Keystore                 |                 | Yes      | Path to a JKS or PKCS12 Keystore containing the private key used to sign JWT requests.                                                |
| Keystore Password        |                 | Yes      | Password used to access the Keystore (blank if the Keystore does not have a password).                                                |
| Key Alias                |                 | Yes      | The name of the private key used to sign JWT requests.                                                                                |
| Key Password             |                 | Yes      | The password used to access the private key.                                                                                          |
| OAUTH Client Id          |                 | Yes      | The Salesforce-generated Client Id for the Connected Application.                                                                     |
| Username                 |                 | Yes      | The login Id of the CopyStorm Salesforce user.                                                                                        |
| Token Validity (minutes) | 240             | Yes      | The lifetime of JWT access tokens. If the token expires during the CopyStorm run, CopyStorm will re-authenticate and get a new token. |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://learn.capstorm.com/frequently-asked-questions/usage/where-does-copystorm-store-passwords/how-to-login-as-a-connected-application.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.