Kapiche

To integrate your Salesforce data with Kapiche, you need to complete two steps.

This guide walks you through the process of integrating Salesforce with Kapiche. The integration requires setting up a dedicated Salesforce user and obtaining OAuth credentials.

Administrative access to your Salesforce instance

Basic understanding of Salesforce permissions and OAuth 2.0

- Administrative access to your Salesforce instance
- Basic understanding of Salesforce permissions and OAuth 2.0

Step 1: Create a Dedicated Read Only Salesforce User 

While you can use any Salesforce user with appropriate permissions, we strongly recommend creating a dedicated integration user with minimum necessary access. This approach follows security best practices and provides better access control.

1. Navigate to Setup (gear icon ⚙️ in top right)
2. Go to Users &gt; Users in the left navigation
3. Click "New User" and configure:
 - Fill in First Name, Last Name, Alias, and Email
 - Leave Role unspecified
 - User License: <code>Salesforce Platform</code>
 - Profile: <code>Standard Platform User</code>
 - Generate password and notify user via email
4. Click Save

1. Navigate to Users &gt; Permission Sets
2. Click "New"
3. Configure:
   - Label: "Integration Read Only Access"
   - License: Leave as "—None—"
4. Click Save
5. In the new permission set:
   1. Click "Object Settings"
   2. Add read permissions for required objects:
      - Common objects: Accounts, Contacts, Opportunities
      - Select additional objects based on your needs
   3. For each object:
      - Check only "Read" permissions
      - Uncheck all other permissions (Create, Edit, Delete)
      - Click Save

1. From Permission Sets, click "Manage Assignments"
2. Click "Add Assignments"
3. Select your new integration user
4. Click "Assign"

1. Create a New User
 1. Navigate to Setup (gear icon ⚙️ in top right)
 2. Go to Users &gt; Users in the left navigation
 3. Click "New User" and configure:
 - Fill in First Name, Last Name, Alias, and Email
 - Leave Role unspecified
 - User License: <code>Salesforce Platform</code>
 - Profile: <code>Standard Platform User</code>
 - Generate password and notify user via email
 4. Click Save
2. Create a Permission Set
 1. Navigate to Users &gt; Permission Sets
 2. Click "New"
 3. Configure:
 - Label: "Integration Read Only Access"
 - License: Leave as "—None—"
 4. Click Save
 5. In the new permission set:
 1. Click "Object Settings"
 2. Add read permissions for required objects:
 - Common objects: Accounts, Contacts, Opportunities
 - Select additional objects based on your needs
 3. For each object:
 - Check only "Read" permissions
 - Uncheck all other permissions (Create, Edit, Delete)
 - Click Save
3. Assign Permission Set
 1. From Permission Sets, click "Manage Assignments"
 2. Click "Add Assignments"
 3. Select your new integration user
 4. Click "Assign"

- Log in to Salesforce as an administrator. In the drop-down list of the account (in the upper-right corner), select Setup.
- In the left-hand pane, go to Apps &gt; App Manager.
- Click on the New Connected App (in the upper right corner).
- On the New Connected App page, fill the following required fields under Basic Information: Connected App Name, API Name and Contact Email.
- Go to API (Enable OAuth Settings), and select Enable OAuth Settings. In the Callback URL field, enter <a href="https://login.salesforce.com/" rel="nofollow noopener noreferrer" target="_blank">https://login.salesforce.com/</a><a href="https://login.salesforce.com/" rel="nofollow noopener noreferrer" target="_blank">.</a> In the Selected OAuth Scopes field, select Access and manage your data (api), Perform requests on your behalf at any time (refresh_token, offline_access), Provide access to your data via the Web (web), and then click Add.
- Click the Save button to save the new Connected App.
- On the page that opens, click the Edit button. Under OAuth policies, select All users may self-authorize in the Permitted Users list, and then click the Save button.
- Go back to the Connected Apps (Apps &gt; App Manager) list, and click the App that you just created, and then click on View.
- Go to API (Enable OAuth Settings), and note down the Consumer Key and Consumer Secret, which will be used for the configuration of Kapiche SFDC Integration.

1. Create Connected App
 - Log in to Salesforce as an administrator. In the drop-down list of the account (in the upper-right corner), select Setup.
 - In the left-hand pane, go to Apps &gt; App Manager.
 - Click on the New Connected App (in the upper right corner).
 - On the New Connected App page, fill the following required fields under Basic Information: Connected App Name, API Name and Contact Email.
 - Go to API (Enable OAuth Settings), and select Enable OAuth Settings. In the Callback URL field, enter <a href="https://login.salesforce.com/" rel="nofollow noopener noreferrer" target="_blank">https://login.salesforce.com/</a><a href="https://login.salesforce.com/" rel="nofollow noopener noreferrer" target="_blank">.</a> In the Selected OAuth Scopes field, select Access and manage your data (api), Perform requests on your behalf at any time (refresh_token, offline_access), Provide access to your data via the Web (web), and then click Add.
 - Click the Save button to save the new Connected App.
 - On the page that opens, click the Edit button. Under OAuth policies, select All users may self-authorize in the Permitted Users list, and then click the Save button.
 - Go back to the Connected Apps (Apps &gt; App Manager) list, and click the App that you just created, and then click on View.
 - Go to API (Enable OAuth Settings), and note down the Consumer Key and Consumer Secret, which will be used for the configuration of Kapiche SFDC Integration.

Once you have created the the read-only user in step 1, contact us to complete the integration. You can get in touch with us any time by hitting the blue chat button to your right 👉

- Regularly audit the integration user's permissions
- Use field-level security when needed
- Consider IP restrictions for the integration user

- Use event monitoring to track API usage
- Implement rate limiting
- Set up alerts for unusual activity

1. User Access
 - Regularly audit the integration user's permissions
 - Use field-level security when needed
 - Consider IP restrictions for the integration user
2. Token Management
 - Monitor token usage
3. Best Practices
 - Use event monitoring to track API usage
 - Implement rate limiting
 - Set up alerts for unusual activity

Prerequisites

Step 1: Create a Dedicated Read Only Salesforce User

Step 2: Configure OAuth Authentication

Step 3: Contact us

Security Considerations