Part 1 - Salesforce Connected App Setup
To allow the SendSafely Dropzone to update existing Salesforce cases with secure links for file downloads, a SendSafely Dropzone Connector application must be configured in your Salesforce platform as a Connected App. What follows are the steps for creating and configuring a new Connected App.
Step 1: Create New Connected App
In the Salesforce Classic View, go to Setup, and then type “App” in the Quick Find box. In the menu on the left-hand side of the screen, look for and select: Build->Create->Apps
Click “New” button under Connected Apps section. From the New Connected App screen, configure the following sections:
The following fields are required:
- Connected App Name - Enter a descriptive name like “SendSafely Dropzone Connector”
- API Name - This is auto populated by default based on the previous field (customize if needed)
- Contact Email - Enter email address of application administrator
API (Enable OAuth Settings)
- Check the “Enable OAuth Settings”
- Configure “Callback URL” - for now, check off Enable for Device Flow, and it will default to a Salesforce specific URL
- NOTE: This setting will need to be updated to the Google AppScript OAuth2 Redirect URI during the Google Apps Script Dropzone Connector Setup.
- Add the following OAuth Scopes:
- Full access (full)
- Perform requests on your behalf at any time (refresh_token, offline_access)
- Check the “Require Secret for Web Server Flow” setting (if not already checked)
Click the Save button and then the Continue button when prompted. You will be redirected to a summary page showing Basic Information and API (Enable OAuth Settings) just configured.
- NOTE: Under “API (Enable OAuth Settings)”, you will see the Consumer Key and Consumer Secret fields, which will be needed during the Google Apps Script Dropzone Connector Setup.
Step 2: Configure Policies for Connected App
Policies can be configured from the Connected App Detail page, which can either be accessed from
- The Connected App summary page by clicking the Manage button (presented in UI at end of Step 1) or
- Type “Manage” in Quick Find Box. In the menu on the left-hand side of the screen, look for and select: Manage Apps->Connected Apps & click “Master Label” link of Connected App just created.
Once on the Connected App Detail page, click the “Edit Policies” button and the Connected App Edit page will be displayed. On this page, do the following:
- Under the Oauth policies section, select
- “Admin approved users are pre-authorized” from the Permitted Users drop down box. When prompted, click the OK button.
- “Refresh token is valid until revoked” radio button for the Refresh Token Policy.
- Optionally configure an application specific Timeout Value under Session Policies. This will determine how long the OAuth access token issued to the application remains active for, before a token refresh is required.
- NOTE: The Google Apps Script Dropzone Connector automatically initiates the token refresh process if an expired OAuth token is detected
- Click the Save button
Returning to the Connected App Detail page, click the “Manage Profiles” button and select the Profile of the user account that will authorize the SendSafely Dropzone Connector Salesforce Connected App during the Google Apps Script Dropzone Connector Setup. Once selected, click the Save button.
The SendSafely Dropzone Connector Salesforce Connected App setup is now complete.
Part 2 - Google Apps Script Dropzone Connector Setup
The Google Apps Script Dropzone Connector bridges the SendSafely Dropzone Widget and the Salesforce platform. The script ingests the SendSafely generated secure link & related metadata, and updates the target Salesforce case via the Salesforce REST API. If the case is unable to be updated via the Salesforce API call, a notification email is sent to the Dropzone Widget owner and file submitter.
To proceed, make sure you have a copy of the latest SendSafely Dropzone Connector Google Apps Script. You can request a copy from email@example.com, if not already provided. Copy the connector into your Google Apps domain and from the Spreadsheet view, select the “Tools” menu, and then “Script Editor…”. Next, from the Code.gs view in the Script Editor complete the following steps:
Step 1: Grant Script Permissions
Select Run > Run function > Setup. You will be prompted by Google to grant the necessary permissions for this script to work. Click “Allow”.
Step 2: Configure Script Properties
Populate the required script properties by navigating to File > Project Properties > Script Properties and entering the following fields:
- gmail_sender_address - Email address to use for sending notifications. By default this should be the Google account configured to run this script or alternatively, another email address you are authorized to send on behalf of.
- salesforce_client_id - Connected App Consumer Key from Salesforce instance. Retrieve this information from Build->Create->Apps & click “Connected App Name” link for the SendSafey Dropzone application
- salesforce_client_secret - Connected App Consumer Secret from Salesforce instance. Retrieve this information from Build->Create->Apps & click “Connected App Name” link for the SendSafely Dropzone application
- salesforce_authorization_url - If using a Salesforce Sandbox environment replace "login.salesforce.com" with "test.salesforce.com"
- salesforce_token_url - If using a Salesforce Sandbox environment replace "login.salesforce.com" with "test.salesforce.com"
- sendsafely_validation_key - SendSafely Dropzone Validation Key. Retrieve this information from the Dropzone screen of your Edit Profile page when logged into the SendSafely web portal (Account menu -> Edit Profile -> Dropzone)
- salesforce_sendsafely_link_destination - Salesforce object where SendSafely secure link will be written to. The default location is the Case Comment feed. Removal of this property will result in the secure link being written to the CaseComment object.
- company_name - Company name to appear in emails sent by this script to sender and/or recipient. Defaults to Company XYZ if not configured. Emails are only sent if an error occurs during script execution.
- helpdesk_name - Helpdesk name to appear in emails sent by this script to sender and/or recipient. Defaults to Salesforce Service Cloud if not configured. Emails are only sent if an error occurs during script execution.
- sendsafely_error_notification_address - Optional script property that defines an email address to receive email error notifications for unexpected errors encountered during Google App Script execution. The most common error being an invalid Case number. If this property is not configured, email error notifications will be sent to the Dropzone owner's email address.
Step 3. Configure Google AppScript OAuth2 Redirect URI in SendSafely Dropzone Salesforce Connected App configuration
Execute method Run > Run function > logRedirectUri. Once the method completes, do the following:
- Select View > Logs
- Copy the entire https URL for pasting into OAuth Callback URL setting in the SendSafely Dropzone Salesforce Connected App configuration
- To get to this setting in Salesforce, go to Build->Create->Apps & click the “Connected App Name” link of the SendSafey Dropzone application
- Click the “Edit” button and paste the previously copied https URL into the Callback URL text box.
**Note that Salesforce Connected Apps support multiple Callback URLs, so you can paste it below an existing URL (such as if you've already configured another Dropzone Connector to use this same Connected App) or overwrite the default Salesforce Callback URL.
- Click the “Save” button and then “Continue” button when prompted
Step 4: Authorize the script to connect to Salesforce
Execute Run > Run function > initOauth. Once the method completes, do the following:
- Select View >Logs
- Copy the entire authorization URL & paste into a new browser tab
- If prompted, authenticate to Salesforce with a user that is a member of an authorized Profile for the SendSafely Dropzone Salesforce Connected App
- A successful authorization will return "Success!" in the browser
** It may take up to 10 minutes for the OAuth2 Redirect URI setting configured in Step 3 to propagate in your Salesforce instance. If you do not get a "Success!" message and instead get the message 'error=redirect_uri_mismatch&error_description=redirect_uri%20must%20match%20configuration' at Step 4e, re-try the above after several minutes.
Step 5: Deploy script as web app
Select Publish > Deploy as web app
- Under "Project Verison", choose "New"
- Under "Execute as" choose "me"
- Under "Who has access" choose "anyone, even anonymous"
Step 6: Update SendSafely Dropzone webhook
After pressing "Deploy" copy the Current web app URL and do the following:
- Log into the SendSafely web portal and navigate to Edit Profile-> Dropzone.
- Paste the the copied URL into the "Use a Webhook for notifications:" under Notification Settings.
****NOTE: To assist with testing and/or troubleshooting connectivity to your Salesforce environment, refer to the testGetCase() function in SendSafely Dropzone Connector for Salesforce script.
Part 3 - Dropzone Connector Upload Test
The final step is to test the Saleforce - SendSafely Dropzone integration. Perform the following to confirm set up is complete:
Have at least 1 Case record setup in Salesforce and note down the Case number
Browse to the SendSafely Dropzone Widget Upload URL, which will look similar to the following example URL:
Here is a template URL that you can use to construct the URL for your setup Dropzone:
- Replace SS_ENTERPRISE_HOST_NAME with the hostname of your SendSafely Enterprise platform.
- Replace PUBLIC_API_KEY with the Public API Key of the Dropzone owner. This can be retrieved from the Dropzone Owner’s Edit Profile screen when logged into the SendSafely website. Look for the Public API Key section on the page.
Input the required information in the form, i.e. Case Number, Your Email Address and upload a file. Click the submit button.
Return to your Salesforce instance, and refresh the browser displaying the ticket, and you should see the Case Comments have been updated with a new comment including the SendSafely generated link, and the uploaded file available for download from the SendSafely Canvas application.