Veeva Vault Setup Guide
Follow our setup guide to connect Veeva Vault to Fivetran.
Prerequisites
To connect Veeva Vault to Fivetran, you need a Veeva Vault user account with API access.
Supported authentication methods:
We support the following authentication methods for Veeva Vault connections:
- Basic Authentication - This authentication method uses your Veeva Vault username and password. We recommend using this authentication method as it is suitable for most use cases.
- OAuth 2.0 - This authentication method allows authentication using an external OAuth 2.0 / OpenID Connect (OIDC) identity provider (IdP) when your organization requires OAuth-based access control.
You can choose one of the authentication methods to connect your Veeva Vault account to Fivetran.
Setup instructions
Depending on the authentication method you choose, perform the following steps to configure your Veeva Vault connection.
Find Base URL
Log in to your Veeva Vault account.
Find your base URL in the Veeva Vault URL and make a note of it. For example, if your URL is
https://promo-vee.veevavault.com/ui/, then your base URL ispromo-vee.veevavault.com.If you have access to multiple vaults on a single domain, the domain name will differ for each vault.
Configure OAuth 2.0
Perform this step only if you want to authenticate using OAuth 2.0. Skip to Finish Fivetran configuration if you want to authenticate using Basic Authentication.
Authenticating Veeva Vault using OAuth 2.0 is a two-step process:
- Fivetran sends your Client ID, Client Secret, and Scope to your external OAuth service. For example, Azure AD, to obtain the Access token.
- Fivetran then uses the access token, along with your Client ID, Vault DNS, and OIDC Profile ID, to request a Veeva session ID from the Veeva OAuth service.
Register application
Register your application in your external OAuth identity provider. For example, Azure AD, using the Client Credentials grant type.
Once your application is registered, make a note of the Client ID, Client Secret, Scope, and OAuth Token Service URL. You will need them to configure Fivetran.
Create an OAuth 2.0 or OIDC profile
Register your external OAuth service as an identity provider in Veeva Vault and create an OAuth 2.0 or OIDC profile. For more information, see the Veeva Vault documentation.
Make a note of the OIDC Profile ID and the Vault DNS. You will need them to configure Fivetran.
Finish Fivetran configuration
In the connection setup form, enter the Destination schema name of your choice.
In the Destination schema names field, choose the naming convention you want Fivetran to use for the schemas, tables, and columns in your destination:
- Fivetran naming: Standardizes the schema, table, and column names in your destination according to the Fivetran naming conventions.
- Source naming: Preserves the original schema, table, and column names from the source system in your destination.
If you want to modify your selection, make sure you do it before you start the initial sync.
(Hybrid Deployment only) If your destination is configured for Hybrid Deployment, the Hybrid Deployment Agent associated with your destination is pre-selected for the connection. To assign a different agent, click Replace agent, select the agent you want to use, and click Use Agent.
Select the Authentication Method: Basic Authentication or OAuth 2.0.
If you chose Basic Authentication, do the following:
i. Enter your Veeva Vault Username and Password.
If you chose OAuth 2.0, do the following:
i. Enter the Client ID, Client Secret, and Scope you found.
ii. Enter the OIDC Profile ID you created.
iii. Enter the OAuth Token Service URL you found.
iv. (Optional) Enter the Vault DNS you created.
Enter the Base URL you found.
To sync the unstructured files, set the Sync Veeva Vault document files to your destination's object storage toggle to ON.
You must select the
DOCUMENTStable from the Schema tab in your Fivetran dashboard to enable syncing unstructured files.Click Save & Test. Fivetran will take it from here and sync your Veeva Vault data.