Documentation
API
Q&A
Read
AnnouncementsArticlesWebsite tips
Learn
Getting StartedManagerMaestroAnalyticsExchangeWorkspaces
Resources
VideosDownloadsExchange PackagesRelease Notes
Ideas
Contact
Platform
Manager
Maestro
Exchange
Workspaces
Analytics
Springboard

Integrate Salesforce with Manager

   PlatformApplicable to all products in Temenos Journey Manager.  |   All Personas |  All versions This feature is related to all versions.

You can configure Salesforce to integrate it with Managerfor the first time.

To configure your Salesforce environment for Journey Manager integration via APIs, follow the process below:

  1. Install the Transact for Salesforce App.
  2. Create the API User Account in Salesforce.
  3. Create the Journey Manager Connected App in Salesforce.
  4. Provide the User Account and Connected App details to the Journey Manager team.

Install the Transact for Salesforce App

Install the latest version of the Transact for Salesforce App that supports your version of Manager:

To commence installation of a Salesforce package, upon opening the package URL in the browser you are required to login to the Salesforce environment that you wish to install into.

When installing the package it is best to elect to Install for All Users as shown below. This will avoid users being unable to access the app due to insufficient privileges.

Note

If you have already installed the app for Admins Only or Specific Profiles and some users are unable to access the app due to Insufficient Privileges, you can resolve this issue as described in Insufficient Privileges: You do not have the level of access necessary to perform the operation you requested...

Create the API User Account in Salesforce

Note

We recommend you create a separate Salesforce user account dedicated to Manager integrations. This allows you to keep your real user credentials private and lets you restrict the permissions of the integration user as appropriate.

To create the user and its permission profile for API level integration, contact your Salesforce administrator or refer to the Salesforce documentation. The following items should be considered when doing so:

  1. Suggested User Account attributes:
    • First Name - blank
    • Last Name - Transact
    • Alias - transact
    • Email - Suggest using the email address of your Salesforce administrator
    • Username - [email protected].<environment> . Append the environment name for non-prod environments
    • Nickname - Transact
  2. The user must have API access enabled
  3. See also: https://help.salesforce.com/HTViewHelpDoc?id=integrate_what_is_api.htm&language=en_US
  4. The user must have full access to the Temenos custom objects to deliver submission records into Salesforce. The app package includes permission sets to help manage user access to Manager objects. Allocate the included Manager administrator permission set to this user.
  5. The user must also have appropriate permissions to any objects you may wish to update when a submission is delivered as these update functions will be performed as this API user.
  6. Ensure the user is licensed to use the Transact for Salesforce App - How to manage user licensing for the Salesforce App
Warning

It is important to understand the impacts of password expiry on integration user accounts.

Create the Manager Connected App in Salesforce

  1. Under App Setup, click Create > Apps
  2. Under Connected Apps, click New
  3. Suggested Connected App attributes:
    • Connected App Name - Transact Connector
    • API Name - Transact_Connector
    • Contact Email - Suggest using the email address of your Salesforce administrator
  4. Ensure Enable OAuth Settings is checked with the following attributes set:
    • Enable OAuth Settings - Yes (selected)
    • Callback URL - https://<Transact Domain>/sfdc/secure/account/home.htm , where <Transact Domain> is the domain of your Transact environment
    • Use Digital Signatures - No (unselected)
    • Selected OAuth Scopes - Access and manage your data, Access your basic information, Provide access to your data via the Web. It is important to set all and only these 3 scopes.
    • New names for Selected OAuth Scopes under Lightning UI - Access the Identity URL service (id, profile, email, address, phone), Manage user data via APIs (api), Manage user data via Web browsers (web).
  5. Under Web App Settings enter the following values:
    • Start URL - https://<Transact Domain>/sfdc/servlet/SmartForm.html?formCode=AT4SF-canvas , where <Transact Domain> is the domain of your Manager environment
    • Enable SAML - No (unselected)
  6. Under Mobile App Settings leave blank.
  7. Under Canvas App Settings ensure Force.com Canvas is selected and enter the following values:
    • Force.com Canvas - Yes (selected)
    • Canvas App URL - https://<Transact Domain>/sfdc/servlet/SmartForm.html?formCode=AT4SF-canvas , where <Transact Domain> is the domain of your Manager environment
    • Access Method - Signed Request (POST)
    • SAML Initiation Method - None
    • Locations (Selected) - Chatter Tab, Layouts and Mobile Cards, Visualforce Page
    • Lifecycle Class - leave blank
  8. Click Save to update the changes.

Configure Permitted Users for the Connected App

The app currently only supports Administrator Approved users.

  1. Under 'Administration Setup', click Manage Apps > Connected Apps.
  2. Locate the Manager connected app and click Edit.
  3. Under 'OAuth Policies' selected 'Admin approved users are pre-authorized' for Permitted Users.
  4. Click Save to update the changes.
  5. Again under 'Administration Setup', click Manage Apps > Connected Apps, locate your application and click the App name link to view the detail page.
  6. Under Profiles, click Manage Profiles and select the profiles you wish to pre-approve for app usage. This is typically System Administrator and Standard User.
  7. Click Save to update the changes.

Create the API Named Credential in Salesforce

Note

If your integration scenarios include pushing form task assignments from Salesforce to Temenos in batch or within an Apex trigger (not very common), you will need to setup an API user in Temenos and configure the named credential in Salesforce. The named credential is not required for other scenarios and this step may be skipped.

  1. Under Administration Setup, click Security Controls > Named Credentials
  2. Under Named Credentials, click New Named Credential and enter the following Named Credential attribute values:
    • Label - Transact API Credential
    • Name - Transact_API_Credential, which must match this exactly
    • URL - https://<Transact Domain>/manager/secure/rest/groovy-service-invoke/v2/at4sf-postrequest/v1/ , where <Transact Domain> is the domain of your Manager environment, the version number at the end (v1) must refer to the version of the AT4SF-PostRequest service in Manager that you wish to call (version 1 at the time of writing). For older Manager environment you may need to use the GroovyServiceServlet URL, such as https://<Transact Domain>/manager/secure/GroovyServiceServlet?sfmServiceName=AT4SF-PostRequest
    • Certificate - leave blank unless you have certificate based authentication in place.
    • Identity Type - Named Principal
    • Authentication Protocol - Password Authentication
    • Username and Password - the username and password used must correspond to a user who belongs to the required organization.
  3. Click Save to update the changes.
Warning

For the IP White-Listing, be aware that if your Manager server has IP white-listing enabled, you will need to add the Salesforce IP ranges to the white-list for the task creation calls to be successful. See:

  • https://help.salesforce.com/articleView?id=000003652&type=1
  • Post Request: 403 Forbidden - You don't have permission to access /manager/secure/GroovyServiceServlet on this server.

Information required by the Journey Manager Team

Once the integration User Account and Connected App have been correctly configured in Salesforce, the Manager administration staff will require the following information for the Service Connection:

  • Salesforce Login URL, for example, https://login.salesforce.com or https://test.salesforce.com.
  • API User - Username
  • API User - Password
  • API User - Security Token (Salesforce user’s password followed by the security token value, without spaces)
  • Connected App - Consumer Key
  • Connected App - Consumer Secret
Info

When passing the API User - Security Token value to the JM Team, it must consist of 2 concatenated parts - the Salesforce user’s password followed by the actual Security Token value from Salesforce (without spaces).

To retrieve this information from Salesforce

  • How to retrieve the Security Token for a Salesforce User Account.
  • How to retrieve the Consumer Key and Secret for a Salesforce Connected App.

Next, learn how to make forms available for Salesforce users.