Salesforce Listeners

Learn more about Salesforce listeners.

Creating Salesforce Listeners

To create a listener for a project, you need to have an admin, developer, or a custom role that includes write and execute permissions for that project. Without these required permissions, you would not be able to create listeners. For more information about role and permissions, see Roles.

  1. Go to the project in which you want to create a listener.
  2. Click Events > Listeners.

  3. Click New Listener. The Add Listener screen appears.

  4. Enter the following details in the Add Listener screen:

    • Type of listener - Select the name of the connector from the drop-down list for which you want to create a listener.
    • Select version - Select the connector version for which you want to create a listener.
  5. Enter the following details in the Add Listener configuration screen:
    • Name - Provide a display name for the listener. It can contain alphanumeric characters, underscores (_) and hyphens (-).
    • Description - Provide a description for the listener.
    • Streaming API endpoint URL - Specify the endpoint of the streaming provider. For configuring a Salesforce streaming endpoint, specify the URL in the following format: https://<Salesforce_Instance>/cometd/<Salesforce API version>, for example, https://ap5.salesforce.com/cometd/44.0.
    • Select replay option - The IBM webMethods Integration listener for Salesforce can subscribe and listen to Salesforce events. This allows the IBM webMethods Integration listener to establish a persistent connection with Salesforce. This connection remains open while transmitting the events until either side closes the connection. Through this established connection, events are streamed to the listener. If the connection is lost due to a network failure or any other reason, you can retrieve the standard-volume events that are within the 24-hour retention window in Salesforce. You can retrieve Salesforce events only if you are using Salesforce v37.0 or later versions.

      Each Salesforce event is assigned a unique opaque ID for each event. This ID is contained in the *replayId* field of the event object. The *replayId* field value, which is populated by Salesforce when the event is delivered to subscribers, refers to the position of the event in the event stream. For consecutive events, the replayId values may not be sequential. For example, an event with ID 110 may follow an event with ID 101.

      To replay events, Salesforce provides a way to configure the replayId while subscribing to a particular channel. You can replay the events by specifying the replay option, and use it during resubscription to retrieve events that are within the retention window.

      • Last Received - Receive all events that occurred after the most recently saved replay ID. The IBM webMethods Integration server by default saves the replay ID of your most recently received event. When you select this option, you will receive all events that occured after the most recently saved replay ID each time the listener re-connects.
      • New - Receive new events that are broadcast after the client subscribes and replay only the new events from the time the listener is enabled.
      • All - Receive all events including past events that are within the retention window and the new events. Due to the possibility of exceeding daily streaming consumption limits, IBM does not recommend using this option.
    • Select Account - Select an account to connect to the application. The streaming functionality will leverage the existing authentication, timeouts, truststore, keystore, and host name verification configurations from the referenced account selected in the Select Account drop-down list field.
    • Select subscription - Select a channel from the list of available subscription channels you want the listener to connect.
      Currently, we are supporting the following subscription events:
      • Salesforce Push Topic Event - Select this subscription event if you want to receive notifications for changes to Salesforce data that match a SOQL query you define.
      • Salesforce Platform Event - Select this subscription event if you want to receive notifications about event messages published by publishers in real time.
      • Salesforce Change Data Capture Event - Select this subscription event if you want to receive notifications about changes pertaining to CRUD operations on Salesforce records.
      • Salesforce Generic Event - Select this subscription event if you want to receive notifications about events that are external to Salesforce.
      Note: For more information about these events, see Salesforce documentation.
  6. Click Next. You will be redirected to the Parameters and Headers screen.
  7. Review and configure the Parameters.
    • Review the pre-configured parameters such as name and description, the data type used to represent the kind of information the parameter can hold, and the parameterization type for the subscription request, for the selected subscription.
    • Provide a value for the Default value parameter.

      The supported default value formats for each Salesforce subscription event is listed in the following table:

      Salesforce Event Supported Default Value Format(s)
      Push Topic Event PushTopic name
      Platform Event API name
      Change Data Capture Event The following formats are supported:
      • ChangeEvent name
      • ObjectNameChangeEvent
      • CustomObjectName_ChangeEvent
      Generic Event GenericStreamingChannel name
  8. Click Add Header to add necessary headers and provide the following details:
    • Header name - Provide a valid header name.
    • Header value - Provide a default value for the header.
    • Status - Toggle on the status switch to Active to include the header as a part of the subscription request.
    • Actions - Click Delete to delete the header.

  9. Click Next and specify the following details in the Event screen:

    • Select Flow service name - Select the Flow service you want to run when the subscribed event occurs.
    • Select a user to run Flow service - Select a project user you want to use to run the selected Flow service. If the selected user does not have necessary permissions to run the specified Flow service, the Flow service execution will not complete when the subscribed event occurs.
    • Select ErrorCallBackFlowService name - Select any existing Flow service that you want to invoke when an error occurs (that cannot be automatically recovered by the listener and requires manual intervention). Flow services that are created with Error Callback Service Spec specification are only listed in the list.
    Note:
    • You can also create a new Flow service by clicking the Add button and providing the name.

    • By default, the Error Callback Service Spec specification is selected for the Flow services created from this page. In case, while configuring the Flow service, if you have cleared the Error Callback Service Spec option, then the Flow service is not listed in the Select ErrorCallBackFlowService name field. >

  10. Click Save. The Summary tab appears.

  11. Review the listener summary.

    Note: You can click the Flow service name to view and configure the details about the Flow service. From this method, the Error Callback Service Spec option is selected and the Specification reference field is in disabled state.
  12. Click Save. The listener is created and is in disabled state. To enable the listener, follow the instructions mentioned in Enabling Listeners.
    Note:
    • Listeners created in one tenant cannot be published to another tenant.
    • The Salesforce listener receives events in the same order in which Salesforce sends them. As the Salesforce listener processes the messages asynchronously, there is no guarantee of the order of event processing.

Salesforce Listener Error Management

Listeners may encounter errors while listening to events due to reasons such as incorrect account configurations, exceeding transaction limits, or errors on the Salesforce system. When an error occurs, listeners are suspended abruptly. Following are some disadvantages of not using error management:

  • You do not get any alerts about the errors.

  • The events occurred during the listener downtime are not captured and cannot be retrieved.

  • There is a loss of information, and you must manually verify the logs and track the errors which is a time-consuming activity.

For Salesforce listeners you can manage errors by configuring an Error Callback Service Spec specification flow service that defines the actions that the listener must perform when a non-recoverable error occurs and the listener is suspended. Few examples are submitting a ticket to the Ticketing System or sending an SMS to the operations team. These alerts allow you to be aware of issues and rectify them as soon as possible with very minimal loss of information.

You can configure the flow service using the Select ErrorCallBackFlowService name option in the Add listener wizard. The behavior of the listener is as follows when you configure the error management option:

  1. The listener is enabled and listening to events from Salesforce. When an error occurs:
  2. Listener retries the action up to 5 times by default. If the listener:
    • Succeeds - The listener continues to listen to the events.
    • Fails - The configured callback Flow service is invoked, and the runtime status of the listener is changed to suspended state. The error information is sent to the callbackService and the details can be viewed in the Status column of the Listeners page.

    For example, you can configure the callback Flow service to show the log messages for the events that have been retried and failed. A sample message is as follows:

  3. Enable the suspended listeners after rectifying the errors manually. Or, the listener is automatically enabled after a package reload.

    Note:
    • For some errors, enabling the listener alone does not work. The listener and the underlying account must be disabled followed by re-enablement of the listener with re-enablement of the underlying account too. For more information on errors, see Handling Errors.
    • For non-recoverable errors, the listener is in a suspended state after a package reload. For example, if an organization limit exceeds on number of events.

The events occurred during the listener downtime are based on the Select replay option provided during listener configuration. By default, Select replay option is set to Last Received. For more information on available replay options, see step 3 in the Creating Listeners section.

The execution details for the callback Flow services configured for listeners can be viewed from the Monitor page and are listed under the Streaming source.

Creating a Error Callback Service Spec Flow service

You can create a Error Callback Service Spec Flow service in one of the following ways - Add listener wizard or Integration page

Add listener wizard

In this method, you can create a Error Callback Service Spec flow service directly from the Events tab in the Add listener wizard. The Error Callback Service Spec specification is automatically selected for the flow services created using this method.

  1. Go to the Events tab in the Add listener wizard.

  2. Click the Add button adjacent to the Select ErrorCallbackFlowService field. The Create CallBackErrorFlowService dialog box appears.

  3. Enter the flow service name.

  4. Click Save. The callback Flow service is created and saved under the Flow services tab in the Integrations page. By default, the Error Callback Service Spec specification is selected for the Flow services. You must define the Flow service steps as per your requirements before enabling the listener.

Integrations page

In this method, you must manually select the Error Callback Service Spec from the Choose Specification field in the Define input and output fields page.

  1. Go to flow services.
  2. Create a flow service and define the flow service steps.
  3. Select Error Callback Service Spec from the Choose Specification field in the Define input and output fields page.
  4. Define the flow service steps.

  5. Save the flow service. The callback flow service is created and saved under the Flow services tab in the Integrations page. The Flow services created in this manner are listed under the Select ErrorCallbackFlowService field in the Events tab of the Add listener wizard.

Handling Errors

When a recoverable or non-recoverable error occurs, webMethods Integration Server moves the listener to the Suspended state. Users can check the error details of a listener by either hovering over or clicking the Suspended option in the Status column.

While recoverable errors are handled automatically by the error handler, non-recoverable errors require user intervention to bring the listener back to active status. When you hover over or click the Suspended option in the Status column, specific details about the error are displayed on the screen. You can identify the cause of the error and take necessary actions to resolve it.

Note: During scheduled backend downtime or maintenance, it is recommended that users follow the instructions provided by the backend.

The following table lists the most common error codes that users may encounter, explanation of the cause, and potential resolutions.

Error code Error message Explanation Action
400 API version in the URI is mandatory. URI format: '/cometd/55.0' The API version is missing in the URI Specify the API version at the end of the URI. For example, '/cometd/55.0'. See Creating Salesforce Listeners for more information.
400 Unsupported API version. Only API versions '23.0' and above are supported. URI format: '/cometd/55.0' The specified API version is not supported. Specify a valid API version. Supported API versions: ‘23.0’ and above. See Creating Salesforce Listeners for more information.
400 The channel you requested to subscribe to does not exist {channel_name} The streaming channel requested to subscribe to does not exist. Ensure that you have created a channel before subscribing.
400 Channel name not specified The channel name is not specified. Specify a valid channel name to subscribe to.
400 Channel subscriptions must start with a leading '/' The specified channel name format is invalid. Specify a valid channel name. Channel names must start with a leading slash (/).
400 Query fields {query_fields} do not exist on the topic entity The supplied query fields do not exist on the Salesforce object specified in the PushTopic. Specify valid query fields on the Salesforce object in the PushTopic.
400 The replayId {replay_id} you provided was invalid. Please provide a valid ID, -2 to replay all events, or -1 to replay only new events. The specified replay ID is invalid. Specify a valid replay ID. Specify -2 to replay all events or -1 to replay only new events.
401 Authentication invalid The specified authentication token or session ID is invalid. Perform the following steps to resolve this issue:
  1. Disable the suspended listener.
  2. Disable the associated connection and then re-enable it.
  3. Go back to the Listeners screen and enable the disabled listener.
401 Request requires authentication The authentication token or session ID was not provided in the request header. Provide a valid authentication token or session ID in the request header.
403 Cannot create channel {channel_name} The subscription channel cannot be created, which can be due to insufficient permissions. Ensure that the required access permissions are provided.
403 Subscriber does not have access to the entity in this topic The subscriber does not have access to the Salesforce object in the PushTopic. Ensure that the subscriber has access to the Salesforce object in the PushTopic.
403 Subscriber does not have access to all fields referenced in the where clause of the PushTopic. The subscriber does not have access to all fields referenced in the WHERE clause of the PushTopic. Ensure that the subscriber has access to all fields referenced in the WHERE clause of the PushTopic.
403 Handshake denied The handshake request was denied. Perform the following steps to resolve this issue:
  1. Disable the suspended listener.
  2. Disable the associated connection and then re-enable it.
  3. Go back to the Listeners screen and enable the disabled listener.
403 Client has not completed handshake The client has not completed a handshake. Perform the following steps to resolve this issue:
  1. Disable the suspended listener.
  2. Disable the associated connection and then re-enable it.
  3. Go back to the Listeners screen and enable the disabled listener.
403 Organization concurrent user limit exceeded The maximum number of concurrent clients across all channels has been exceeded.  
403 Organization total events daily limit exceeded The maximum number of delivered event notifications within a 24-hour period to all CometD clients has been exceeded. Try again after 24 hours.
403 Restricted channel The user does not have the required permissions to subscribe to the streaming channel. Ensure that you have the required permissions to subscribe to the streaming channel.
403 User not enabled for streaming The user does not have the read permission on the PushTopic. Ensure that you have the read permission on the PushTopic.
403 User not allowed to subscribe CDC without View All Data permissions The user must have the View All Data permission to subscribe to Change Data Capture. Ensure that you have the View All Data permission before subscribing to Change Data Capture.
403 Unknown client The server deleted the client CometD session due to a timeout, which can be caused by a network failure. This error is recoverable and the error handler will automatically correct the error. After some time, on the Listeners screen, click the Refresh icon to see the updated status of the listener.
403 Subscription limit exceeded for this topic The maximum number of concurrent clients per topic for PushTopic and generic events has been exceeded.  
503 Server is too busy. Please try your request again later. The server cannot process the request because it is too busy. This error is recoverable and the error handler will automatically correct the error. After some time, on the Listeners screen, click the Refresh icon to see the updated status of the listener.

What does "403: denied_by_security_policy: create_denied" mean and how can it be resolved?

The error 403: denied_by_security_policy: create_denied indicates that the user you are connecting with does not have read or create permissions for the platform event you are trying to subscribe to. This error occurs when the security policies or access settings within Salesforce restrict the creation of platform events for that user. As a result, the subscription attempt fails because it is unable to create the event on behalf of the connecting user.

To view or modify permissions associated with the user, perform the following steps:

  1. Log in to your Salesforce account and navigate to the Setup link in the top-right corner of the home page.
  2. In the Setup page, search for "Users" in the quick find search bar or select Users under the Manage Users section on the left sidebar. A list of users appears on the screen.
  3. Click on the name of the specific user for whom you want to check the permissions.
  4. On the User detail page, find the Profile field and click on the profile name.
  5. On the Profile detail page, scroll down to find the Platform Event Permissions section and review the permissions assigned to that profile for the platform event. To update the permission set, click on the Edit button, select the check boxes next to the required permissions, and click Save.