Salesforce (SFDC) Connector

Setup your SFDC account to enable it for scanning by SaaSDR before you create the connector.

Prerequisites

System Admin to login to SFDC Setup UI and perform steps 1 and 2 as mentioned below.

Follow these steps to create a SFDC Connector:

  1. Create Application and Get Application ID, Application Key
  2. Enable Permissions
  3. Create Connector in SaaSDR with SFDC as Application

Create Application and Get Application ID, Application Key

  1. On the SFDC console, navigate to Home, under Platform Tools in the left navigation pane, select Apps > App Manager.
    appmnager
  2. Click New Connected App and provide these details:
    1. Name: QualysSaaSDR (without hyphen)
    2. Contact Email: support@qualys.com
    3. Info Url: User must leave this field blank
    4. Description: Qualys SaaS Detection and Response (SaaSDR) expands the capabilities of the Qualys Cloud Platform to help enterprises secure and manage their Salesforce instances.
      emailurl_sfdc    
  3. Enable OAuth setting:
    1. Callback URL:  Copy the URL from the SaaSDR connector creation dialog box. (Example:  https://qualysguard.qualys.com/ssc/api/salesforce/oauthcallback) 
    2. Scopes: Move the following 2 scopes to the right column:
      • Manage user data via APIs (api)
      • Perform requests at any time (refresh_token, offline_access) 

    Ensure Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows setting is unchecked.

  4. Click Save > Confirm.

  5. The newly created application is displayed with its properties. Click Manage Consumer Details to view the Consumer Key and Consumer Secret.

  6. You can copy or save these Consumer Key and Consumer Secret details, that might be useful in the later steps.

Enable Permissions

  1. On the SFDC Console, navigate to Administrator > Users > Permission Sets.
  2. You can choose to add permissions to an existing Permission Set (recommended) or create a new permission set. Select the permission set you want to edit or click New Permission Set to create a new permission set.

    permission set
  3. Navigate to App > App Permissions. Enable the Query All Files permission.

    setpermissions
  4. Navigate to  System > System Permissions.
  5. Enable:
    1. Manage Certificates permission
    2. Customize Application permission
      manage certificate
      customize application
  6. Next, we need to associate this new permission set with an Administrator User, which would be used to create the connector.
    sysadmin

Create Connector in SaaSDR with SFDC as Application

  1. Now, on the SaaSDR UI, go to Configuration > Connectors and click Create Connector.
  2. On the Create Connector page, select Salesforce from the SaaS drop-down menu.
    connector
  3. Provide the consumer key and secret as Application ID and Application Key in the SaaSDR app.
  4. Click Create Connector.
  5. You are redirected to the application's login page, where you need to log in using your username. Once your connector is created, it is listed in the Configurations > Connectors list. Here, you can check the status and other details of the connector.

That's it!

Once the application is connected, a scan is initiated to pull metadata. Depending on the number of resources to be cataloged in your application, this step may take some time to complete.

Related Topic

Connector Actions

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.