This article explains how to configure the Interconnected Apps integration for Salesforce.
Interconnected Apps provides you with visibility into third-party plugins connected to sanctioned SaaS applications. To provide Cato with visibility of data within an app, you need to set up an integration with the required application. For more information, see Viewing and Analyzing Interconnected Apps.
To configure the Interconnected Apps integration, you need to:
-
Configure the integration within the SaaS application
-
Create the API connector in the Cato Management Application (CMA)
A CASB license is required for Interconnected Apps. For more about purchasing a CASB license, please contact your Cato representative.
To configure the Salesforce integration, create the required configurations in your Salesforce account, then configure the connector within the CMA.
To configure the Salesforce integration, create a user, assign it the required permission, and create an external client app.
To create a user for the integration:
-
Login to your Salesforce account (
<your_tenant>.lightning.force.com) -
Click on the gear icon and click Setup.
-
Search for Users
-
Click New User
-
Add the required details, with these configurations:
-
User License: Salesforce
-
Profile: Standard User
-
-
Click Save.
To assign the user the required permissions:
-
In your Salesforce account, search for Permission Sets.
-
Click New.
-
Enter the required fields and click Save.
-
Click Edit, and add these permissions:
-
API Enabled
-
API Only User
-
Customize Application
-
Manage Connected Apps
-
Manage Custom Permissions
-
Password Never Expires
-
Run Reports
-
View all External Client Apps
-
View Dashboards in Public Folders
-
View Developer Name
-
View Event Log Files
-
View Reports in Public Folders
-
View Roles and Role Hierarchy
-
View Setup and Configuration
-
Modify Metadata Through Metadata API Functions
-
-
Click Save.
-
Click Manage Assignments > Add Assignment and choose the user created above.
To create the external client app:
-
In your Salesforce account, search for External Client App Manager.
-
Click New External Client App.
-
Enter the required fields, with this configuration:
-
Distribution State: Local
-
-
Select API (Enable OAuth Settings) and check the Enable Oauth checkbox.
-
Under App Settings and these configurations:
-
Callback URl :
https://cc.catonetworks.com/redirect/cas/salesforce/callback -
OAuth Scopes:
-
Manage user data via APIs (api)
-
Perform requests at any time (refresh_token, offline_access)
-
Access Analytics REST API resources (wave_api)
-
-
Flow Enablement: Check the Enable Client Credentials Flow checkbox
-
-
Click Create.
-
In the app’s page, navigate to Policies and click Edit.
-
Under OAuth Policies > Plugin Policies > Permitted Users, select Admin approved users are pre-authorized.
-
Under App Policies > Select Permission Sets select the permission set you created
-
Under OAuth Flows and External Client App Enhancements select the Enable Client Credentials Flow checkbox.
-
Under Run As (Username) add the email of the integration user.
-
Click Save.
-
In the app’s page, navigate to Settings > OAuth Settings > App Settings.
-
Click Consumer Key and Secret copy and save the Key and Secret to enter into the CMA.
Note: You may need to authenticate to view the Key and Secret.
After you have set up an integration with the required application, add the details in the CMA.
To create the API connector in the CMA:
-
From the navigation menu, click Resources > Integrations.
-
Click the Configured Integrations tab.
-
Click New.
The New Integration panel opens.
-
Select the SaaS Application you want to add.
-
In the Capability drop down select Third Party Apps.
-
Add the details created during step one.
-
Click Save.
-
The app is visible on the Integrated Apps table with a Connected status.
After connecting your APIs, you can track the interconnected apps on the Plugins page. Data may take a few minutes to appear.
0 comments
Article is closed for comments.