Many enterprises today manage multiple Salesforce orgs, and a frequent challenge is making Data Cloud data accessible in orgs where Data Cloud isn't enabled. We will explore how to do this with Apex and the Query API in this post.
Data Actions, Enrichments, and More
Let’s first explore the available options for utilizing Data Cloud data within a Salesforce org.
For an org where Data Cloud is enabled, accessing that data is straightforward. You can leverage Flow, Reports, SOQL queries in Apex, the ConnectAPI namespace, or enrichments—everything is natively available.
However, when Data Cloud is enabled in a different org, things change. A good starting point is to push data to the target org through a data action like publishing platform events, which can then be consumed in the other org. This is effective for driving actions and automation but may fall short if you need to query Data Cloud-specific data based on user inputs from other orgs. Luckily, this is where Apex can help.
Authentication Setup
Querying data from one Salesforce org to another using Apex is a well-established pattern. By leveraging the Data Cloud Connect REST API, you can extend this solution to querying Data Cloud data.
Here’s what you'll need for setting up the necessary security and authentication configurations:
Create a Connected App in your Data Cloud org.
Create an Authentication Provider in your target Salesforce org with “Salesforce” as the Provider type.
Create a Named Credential in the Salesforce org.
Configure Remote Site Settings by setting the Remote Site URL to your Data Cloud org's domain.
Refer to our previous blog post for more on next-gen Named Credentials, and check out our Ask Me Anything session for additional details.
OAuth Settings
Since this setup uses an OAuth-based org-to-org connection, you need to ensure the following settings are in place:
Callback URL: Use your Salesforce org’s My Domain URL plus the default OAuth 2.0 callback endpoint. For instance, if your Data Cloud org’s domain is my_data_cloud__org, the callback URL will be:https://my_data_cloud__org.my.salesforce.com/services/oauth2/callback
Appropriate Scopes: Select necessary scopes like Perform ANSI SQL queries (cdp_query_api), Manage Data Cloud profile data (cdp_profile_api), Perform requests anytime (refresh_token), and Manage user data via APIs (api).
OAuth Policies: Assign a permission set to the connected app to ensure security and access control.
With this configuration done, you can use the named credential in Apex to authenticate your callout to the Data Cloud org.
HTTP Callout with Apex
You can query Data Cloud via the Data Cloud Connect REST API by hitting the endpoint:/services/data/v61.0/ssot/queryv2 in your Data Cloud org. This allows querying data using SQL instead of SOQL.
Here’s a simple utility class example in Apex that accepts an SQL query string as input, performs an HTTP callout to execute the query, and returns the results:
public with sharing class DataCloudQueryUtility {
public static String executeSQL(String query) {
HttpRequest req = new HttpRequest();
req.setEndpoint('callout:Data_Cloud_Org/queryv2');
req.setMethod('POST');
req.setHeader('Authorization', 'Bearer ' + UserInfo.getSessionId());
req.setHeader('Content-Type', 'application/json');
req.setBody('{"query": "' + query + '"}');
Http http = new Http();
HttpResponse res = http.send(req);
if (res.getStatusCode() == 200) {
return res.getBody();
} else {
throw new CustomException('Failed to query Data Cloud: ' + res.getStatus());
}
}
}
Conclusion
Using next-gen Named Credentials and Apex, you can now securely query Data Cloud data from any Salesforce org, unlocking complex business use cases. This flexible approach offers great opportunities for building powerful integrations. If you’d like to experiment with this before writing Apex, check out our Postman Collection for some ready-made examples.
Comments