For more information about plan types and capabilities, see Vanta's pricing page
Trust Center's Salesforce integration provides an easy way to leverage automation when granting access to your report. This integration allows you to control who should be automatically approved for access and who should be required to sign an NDA by leveraging the data you already have in your Salesforce records.
Connecting with Salesforce
- From the left-hand navigation panel, select Integrations 
- Search for Salesforce and choose Connect 
- To approve the OAuth app, Salesforce requires that the connected account have the Approve Uninstalled Connected Apps permission enabled 
- Once you've successfully connected your Salesforce account, navigate to settings and configure your desired auto-approval and NDA bypass settings 
Note: There are two options for If request meets condition
- Salesforce Contact matches the email - This will match the exact email addresses found in your Salesforce Contact records 
 
- Salesforce Contact matches the email domain - This will match against the email domain of any Contacts found in your Salesforce records. For example, “[email protected]” will match against “[email protected]” 
- In addition to matching Contacts, you can optionally configure a boolean field that must be set to true on the linked Account to that Contact for the auto-approval to go through 
 
- Once these rules are in place, viewers who have been matched will appear in the viewer's table with the Salesforce logo. 
- Viewers who have been auto-approved, will show that their NDA was signed and bypassed by Salesforce. 
Trust Center Salesforce Integration: Required Permissions
The Trust Center Salesforce integration requests the api and refresh_token OAuth scopes. From Salesforce’s documentation about the api scope:
“Allows access to the current, logged-in user’s account using APIs, such as REST API and Bulk API 2.0.”
In other words, the Trust Center Salesforce integration’s access is determined by which account initiates the OAuth linking flow in Vanta. To limit the integration’s access, we recommend creating a separate service user with limited permissions in Salesforce and linking with that user.
(Note: If you’re already currently logged into your own Salesforce account, you may need to log out first before clicking “Connect Salesforce” in order to link with the service user)
Required permissions by feature
The following permissions are necessary for the following capabilities:
- Augmenting viewer data in Activity and Access Requests for contacts found in Salesforce 
- Automated access approvals 
- NDA Bypass 
While we recommend granting access to all non-sensitive default fields on these objects to avoid functionality breaking if we request more information in the future, the minimal required permissions are the following:
- Accounts - Object Permissions - Read 
 
- Field Permissions - Read Access - Name 
- Type 
- OwnerId 
 
 
 
- Contacts - Object Permissions - Read 
 
- Field Permissions - Read Access - Email 
- AccountId 
- Name 
 
 
 
Revenue Tracking
If you’d like to take advantage of the Revenue Tracking reporting features, we will the above permissions and read access to opportunity objects in Salesforce.
While we recommend granting access to all non-sensitive default fields on opportunities to avoid functionality breaking if we decide to request more information in the future, the minimal required permissions are the following:
Opportunity
- CloseDate 
- Amount (or equivalent custom field specifying revenue*) 
- Stage (or equivalent custom field specifying opportunity stage*) 
- CurrencyIsoCode (if multi-currency is enabled) 
*For opportunity stage and revenue, you can specify custom fields to use over the defaults from within the Trust Center settings page.
Lead Creation
Vanta Trust Centers now has the ability to create leads in SFDC for viewers that are not found in Salesforce. If you’d like to take advantage of this capability, we will need the following permissions:
Create Salesforce Task
Vanta Trust Centers can now push Trust Center activity to Salesforce. If you’d like to take advantage of this capability, we will need the following permissions:
- System Permissions - Access Activities 
- Edit Tasks 
 
- Profile > Field-Level Security > Task - Edit Access - Comments 
- Related To 
- Name 
 
 


