Versions Compared

Old Version 10

changes.mady.by.user Benn Oshrin

Saved on

compared with

New Version 11

changes.mady.by.user Benn Oshrin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Salesforce Organizational Identity Source Plugin is designed to integrate with Salesforce via the Force.com REST API. The Salesforce OIS Plugin is available in Registry v3.1.0 and later.

Modes

 

Section
Column
Org Identity Source Mode
Support
Manual Search and LinkingSupported
Enrollment, AuthenticatedNot supported
Enrollment, ClaimNot supported
Enrollment, SearchSupported
Enrollment, SelectSupported
Column
Org Identity Sync Mode
Support
FullNot supported
QuerySupported
UpdateSupported
ManualSupported

Installation

...

  1. Add a new Organizational Identity Source, via ConfigurationOrganizational Identity Sources > Add Organizational Identity Source.
    1. Set the Plugin type to SalesforceSource.
    2. For information about other configuration options, see Organizational Identity Sources.
    3. Click Add.
    4. After the configuration has been saved, a Salesforce Redirect URI will be available. Keep this handy for the next step.
      1. (warning) Salesforce requires the use of HTTPS for the callback. Your Registry installation must be running under HTTPS.
  2. In another browser tab or window, login to Salesforce. Add a new Connected App via Setup > Quick LinksManage Apps. Click the New button in the Connected Apps section.
    1. Set the Connected App Name and Contact Email.
    2. Under API, tick Enable OAuth Settings.
    3. Set the Callback URL to the URI provided in step 1, above.
    4. Added at least these two OAuth Scopes:
      1. Access and manage your data (api)
      2. Perform requests on your behalf at anytime (refresh_token, offline_access)
    5. Click Save. (You may need to scroll up to see the confirmation message.)
    6. On the next page, a Consumer Key and Consumer Secret will be made available. Keep these handy for the next step.
  3. Return to the Organizational Identity Source configuration and complete the configuration.
    1. Salesforce Base URL: The base URL of your Salesforce instance, eg eg https://test.salesforce.com
      1. (warning) The plugin will work with either the generic service name (test.salesforce.com) or a specific instance (cs123.salesforce.com), but note that Salesforce periodic migrates customers to new instances. In such an event, when configured with the generic service name the plugin should detect the new instance automatically, though it may be necessary to obtain a new token (described below).
    2. Client ID: The Consumer Key obtained in step 2.
    3. Client Secret: The Consumer Secret obtained in step 2.
    4. Select which objects you would like to be searched.
      1. (warning)If  If you do not select either Search Contacts or Search Users, then all objects will be searched. Such a configuration is not recommended.
    5. Click Save.
  4. Return to the Salesforce Connected App configuration page, click the Manage button at the top, then click the Edit Policies button. Update the policies as follows:
    1. Permitted Users: All users may self-authorize
    2. IP Relaxation: Relax IP restrictions
      1. (info) You may instead be able to set Trusted IP Range for OAuth Web server flow from the Connected App's main configuration page.
    3. Refresh Token Policy: Refresh token is valid until revoked
    4. Click Save.
  5. Finally, return to the Organizational Identity Source configuration to obtain an OAuth token.
    1. The configuration should indicate that the Auth Token is "Not Set", and there should now be a button "Obtain New Token".
    2. Upon clicking that button, you will be taken to the Salesforce login page. Log in as a sufficiently authorized user.
    3. After successful login, you should be returned to the OIS configuration page, and the Auth Token should now be "Set".
    4. (info) Should it ever be necessary to obtain a new token (eg: if the administrator who performed the initial setup no longer has a valid Salesforce account), simply return to the configuration page and click the "Obtain New Token" button again.

...