Overview
LinkSquares uses OAuth authentication when integrating with Salesforce. LinkSquares recommends creating a service account in Salesforce that will be used to connect the two instances. This service account will be used to read/write/create/edit from the objects they have access to in Salesforce.
This service account does not require system admin privileges in Salesforce. The user requires
- API access and
- Create/Read/Write permissions for certain objects
The Salesforce ‘Login As’ feature does not work for establishing the LinkSquares connection. The following page goes through setting up a service account user in Salesforce for customers who do not want to have a Salesforce Admin use a full admin account to OAuth the LinkSquares application.
-
Service Account Requirements using a Salesforce Integration License
- In LinkSquares, Create a user with the same email address in the web application
- Authorizing Your LinkSquares Salesforce Integration
- Unblock LinkSquares OAuth Requests in Salesforce
Service Account Requirements using a Salesforce Integration License
-
Create a new Service Integration User with the User License ‘Salesforce Integration’ and assign the profile ‘Salesforce API Only System Integrations’.
- The service account’s email address should be an address that can actually receive an email. This can be an email account specifically setup for linksquaresintegration@company.com or simply the Salesforce admin’s email address with “+linksquaresintegration” appended to it. (for example jdoe+linksquaresintegration@company.com). In this case, an email would be sent to jdoe to set a password for the integration user. The Salesforce ‘Login As’ feature does not work for establishing the Linksquares connection.
-
Assign the ‘Salesforce API Integration’ permission set license to the service account.
-
Create the following permission set to the service account user:
-
Create a Permission Set ‘LinkSquares API Integration’ with license type ‘Salesforce API Integration'
- Under ‘System Permissions’ give access to ‘View All Data’, ‘Customize Application’, ‘Modify Metadata Through Metadata API Functions’, and ‘Download AppExchange Packages’ (Download AppExchange Packages recommended but optional)
-
Assign Permission Set ‘LinkSquares API Integration’ to the new Service Integration User.
5. If you’re using Analyze Auto Push, in the Permission Set click on ‘Object Settings’. Allow Read/Create/Edit/Delete/View All/Modify All for the LinkSquares__Agreement__c object and Edit Access for fields on the object.
6. If you’re using the Finalize Salesforce package, add Finalize object access by assigning the appropriate permission set(s).
-
-
-
- If you’re currently on package 2.16 or greater assign the ‘Finalize Admin (API Integration)’ permission set to the service account.
- If you’re currently on a package less than 2.16,
-
- Clone the ‘Finalize Admin’ Permission Set and name it ‘LinkSquares Finalize API Integration’
- Edit ‘Visualforce Page Access’ and remove the ‘LinkSquares.Token’ page
- Assign the permission set to the service account
-
-
-
Authorizing Your LinkSquares Salesforce Integration
When Authorizing the applications - make sure to Login as the Service Integration User or as a Salesforce Administrator - this is the user that will own the connection. We recommend logging out of all Salesforce windows.
-
In an incognito window, login to LinkSquares and navigate to https://app.linksquares.com/integrations/sfdc/authorize
-
Alternatively, check your email inbox for the Analyze SF authorization email.
-
-
Choose which LinkSquares applications you would like to connect to Salesforce and then select whether you’d like to connect to a production or sandbox Salesforce org. If you have a current Salesforce connection they will be listed at the bottom of this page.
-
Login to Salesforce with the account you want to use for the Salesforce <> LinkSquares connection. LinkSquares recommends using a service account user.
-
Allow LinkSquares access to your Salesforce instance.
OAuth Access Options (All are required):
-
“Access the identity URL service” allows LinkSquares to identify the account used to connect LinkSquares to Salesforce
-
“Manage user data via APIs” allows LinkSquares to access and manage permitted data within Salesforce such as creating LinkSquares agreement objects and viewing documents.
-
“Perform requests at any time” allows LinkSquares to access Salesforce for more than the default of 2 hours.
If the authorization was successful, you will be redirected to the success page.
Unblock LinkSquares OAuth Requests in Salesforce
If you receive an error when trying to connect LinkSquares to Salesforce, you may need to unblock the application.
-
In Salesforce, navigate to Setup > Apps > Connected Apps > Connected Apps OAuth Usage.
-
Locate LinkSquares. In the Actions column, click Unblock.
- If the problem persists, contact LinkSquares Support.