Versions Compared

Old Version 11

changes.mady.by.user Benn Oshrin

Saved on

compared with

New Version 12

changes.mady.by.user Benn Oshrin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Add a new Organizational Identity Source, via ConfigurationOrganizational Identity Sources > Add Organizational Identity Source.
    1. Set the Plugin type to SalesforceSource.
    2. For information about other configuration options, see Organizational Identity Sources.
    3. Click Add.
    4. After the configuration has been saved, a Salesforce Redirect URI will be available. Keep this handy for the next step.
      1. (warning) Salesforce requires the use of HTTPS for the callback. Your Registry installation must be running under HTTPS.
  2. In another browser tab or window, login to Salesforce. Add a new Connected App via Setup > Quick LinksManage Apps. Click the New button in the Connected Apps section.
    1. Set the Connected App Name and Contact Email.
    2. Under API, tick Enable OAuth Settings.
    3. Set the Callback URL to the URI provided in step 1, above.
    4. Added at least these two OAuth Scopes:
      1. Access and manage your data (api)
      2. Perform requests on your behalf at anytime (refresh_token, offline_access)
    5. Click Save. (You may need to scroll up to see the confirmation message.)
    6. On the next page, a Consumer Key and Consumer Secret will be made available. Keep these handy for the next step.
  3. Return to the Organizational Identity Source configuration and complete the configuration.
    1. Salesforce Base URL: The base URL of your Salesforce instance, eg https://test.salesforce.com
      1. (warning) The plugin will work with either the generic service name (test.salesforce.com) or a specific instance (cs123.salesforce.com), but note that Salesforce periodic migrates customers to new instances (in Salesforce terms, an instance refresh). In such an event, when configured with the generic service name the plugin should detect the new instance automatically, though it may be necessary to obtain a new token (described below).
    2. Client ID: The Consumer Key obtained in step 2.
    3. Client Secret: The Consumer Secret obtained in step 2.
    4. Select which objects you would like to be searched.
      1. (warning) If you do not select either Search Contacts or Search Users, then all objects will be searched. Such a configuration is not recommended.
    5. Click Save.
  4. Return to the Salesforce Connected App configuration page, click the Manage button at the top, then click the Edit Policies button. Update the policies as follows:
    1. Permitted Users: All users may self-authorize
    2. IP Relaxation: Relax IP restrictions
      1. (info) You may instead be able to set Trusted IP Range for OAuth Web server flow from the Connected App's main configuration page.
    3. Refresh Token Policy: Refresh token is valid until revoked
    4. Click Save.
  5. Finally, return to the Organizational Identity Source configuration to obtain an OAuth token.
    1. The configuration should indicate that the Auth Token is "Not Set", and there should now be a button "Obtain New Token".
    2. Upon clicking that button, you will be taken to the Salesforce login page. Log in as a sufficiently authorized user.
    3. After successful login, you should be returned to the OIS configuration page, and the Auth Token should now be "Set".
    4. (info) Should it ever be necessary to obtain a new token (eg: if the administrator who performed the initial setup no longer has a valid Salesforce account), simply return to the configuration page and click the "Obtain New Token" button again.

...