Salesforce Onboarding Guide

Updated 1 month ago by admin

This feature is in Early Access preview.

This guide provides the steps you need to follow in order to onboard Salesforce onto the Posture Management service.

Before starting the integration, please ensure that you have one of the Salesforce Editions that includes API Access functionality:

  • Enterprise Edition
  • Unlimited Edition
  • Developer Edition
  • Performance Edition 

This article will guide you through the following steps:

  • Create a Connected App via the Salesforce portal
  • Configure OAuth token timeout settings
  • Verify a new Connected App and get its Consumer Key and Consumer Secret
  • Add the Salesforce Integration to the Posture Management on the USS Portal

Create a Connected App

  1. Login to Salesforce using an Administrator account.
  2. In the Setup settings, click the Setup
  3. In the Setup sidebar menu, select Apps -> App Manager.
  4. On the Lightning Experience App Manager page, click the New Connected App
  5. On the App Manager page:
    5.1. Create a Connected App Name, e.g. Censornet Posture Management.
    5.2. If needed, update the automatically created API Name.
    5.3. Add a Contact Email.
  6. In the API (Enable OAuth Settings) section, check the Enable OAuth Settings
  7. In the Enter Callback URL field, enter the following URL: https://casbgateway.clouduss.com/sspm/api/v1/salesforce/oauth2/callback
  8. In the Selected OAuth Scopes option, select the following OAuth Scopes:
  • Manage user data via APIs (api)
  • Perform requests at any time (refresh_token, offline_access)
  1. Under the Selected OAuth Scopes option, clear the Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows checkbox.
  2. Under the Selected OAuth Scopes option, select the following checkboxes:
  • Require Secret for Web Server Flow
  • Require Secret for Refresh Token Flow
For the Security Posture Management service to perform properly, ensure that other checkboxes in this section are cleared.
  1. Click the Save
These changes can take up to 10 minutes to take effect.

Configure OAuth token timeout settings

  1. In the Setup sidebar menu, select Apps -> Connected Apps -> Manage Connected Apps.
  2. Select the newly created Censornet Posture Management app in the Connected Apps
  3. In the OAuth Policies section, ensure that the Refresh Token Policy option is set to the Refresh token is valid until revoked value.

Verify a new Connected App and get its Consumer Key and Consumer Secret

  1. In the Setup sidebar menu, select Apps -> App Manager.
  2. On the Lightning Experience App Manager page, select the newly created Censornet Posture Management app and in its drop-down menu click the View button.
  1. On the Censornet Posture Management page, click the Manage Consumer Details button.

  1. On the opened Verify your Identity page, enter the verification code sent according to your verification method.

  1. Click the Verify.
  2. From the opened Censornet Posture Management page, note down the Consumer Key and the Consumer Secret.

Add the Salesforce Integration to the Posture Management

  1. Visit the USS Portal and click Products -> Posture Management -> Service Integration.
  2. On the Service Integration page, click the Add button.
  3. In the Add Services modal window, select Salesforce.
  1. Enter the saved Consumer Key and the Consumer Secret and click the Add button.
  1. In the opened Allow Access modal window, click the Allow button.
On this step, login to your Salesforce account may be required.
  1. If you do everything correctly, the Salesforce application will appear in the Service Provider list.

Known Issues

  1. If both the Consumer Key and the Consumer Secret are invalid, the Salesforce Login Error modal window will open instead of the Allow Access modal window.

Solution: Close this modal window and enter the valid Consumer Key and the Consumer Secret.

  1. If the Customer Secret is invalid, the Security Posture Management Error modal window will open.

Solution: Close this modal window and enter the valid Consumer Secret.

  1. If you have deleted the integrated Salesforce account and re-integrate it again, the Allow Access modal window is not open because you have already consented the access to the Censornet Posture Management connected app.

Solution: If you want to revoke the connection, visit Salesforce Dashboard -> My Personal Information > Connections and revoke access to the Censornet Posture Management connected app.


How did we do?