Connecting Trust Centers & Salesforce

  • Updated

Scale & Collaborate.jpgFor more information about plan types and capabilities, see Vanta's pricing page

Trust Center's Salesforce integration provides an easy way to leverage automation when granting access to your report. This integration allows you to control who should be automatically approved for access and who should be required to sign an NDA by leveraging the data you already have in your Salesforce records.

Connecting with Salesforce

  • From the left-hand navigation panel, select Integrations 
  • Search for Salesforce and choose Connect
  • Link your Salesforce instance with the Full API Access option selected

  • Once you've successfully connected your Salesforce account, navigate to Trust Center settings and configure your desired auto-approval and NDA bypass settings

Note: There are two options for If request meets condition

  • Salesforce Contact matches the email
    • This will match the exact email addresses found in your Salesforce Contact records
  • Salesforce Contact matches the email domain
    • This will match against the email domain of any Contacts found in your Salesforce records. For example, “joan@customer.com” will match against “dan@customer.com”
    • In addition to matching Contacts, you can optionally configure a boolean field that must be set to true on the linked Account to that Contact for the auto-approval to go through
  • Once these rules are in place, viewers who have been auto-approved appear in the viewer's table with the Salesforce logo

Trust Center Salesforce Integration: Required Permissions

The Trust Center Salesforce integration requests the api and refresh_token OAuth scopes. From Salesforce’s documentation about the api scope:

“Allows access to the current, logged-in user’s account using APIs, such as REST API and Bulk API 2.0.”

In other words, the Trust Center Salesforce integration’s access is determined by which account initiates the OAuth linking flow in Vanta. To limit the integration’s access, we recommend creating a separate service user with limited permissions in Salesforce and linking with that user.

(Note: If you’re already currently logged into your own Salesforce account, you may need to log out first before clicking “Connect Salesforce” in order to link with the service user)

Required permissions by feature

The following permissions are necessary for the following capabilities: 

  • Augmenting viewer data in Activity and Access Requests for contacts found in Salesforce
  • Automated access approvals 
  • NDA Bypass

While we recommend granting access to all non-sensitive default fields on these objects to avoid functionality breaking if we request more information in the future, the minimal required permissions are the following: 

  • Accounts
    • Object Permissions
      • Read
    • Field Permissions
      • Read Access
        • Name
        • Type
        • OwnerId
  • Contacts
    • Object Permissions
      • Read
    • Field Permissions
      • Read Access
        • Email
        • AccountId
        • Name

Revenue Tracking 

If you’d like to take advantage of the Revenue Tracking reporting features, we will the above permissions and read access to opportunity objects in Salesforce.

While we recommend granting access to all non-sensitive default fields on opportunities to avoid functionality breaking if we decide to request more information in the future, the minimal required permissions are the following: 

Opportunity

  • CloseDate
  • Amount (or equivalent custom field specifying revenue*)
  • Stage (or equivalent custom field specifying opportunity stage*)
  • CurrencyIsoCode (if multi-currency is enabled)

*For opportunity stage and revenue, you can specify custom fields to use over the defaults from within the Trust Center settings page.

Lead Creation

Vanta Trust Centers now has the ability to create leads in SFDC for viewers that are not found in Salesforce. If you’d like to take advantage of this capability, we will need the following permissions: 

  • Object Settings
    • Lead
      • Object Permissions
        • Create
      • Field Permissions
        • Edit Access
          • Email 
          • Name
          • Company

Create Salesforce Task

Vanta Trust Centers can now push Trust Center activity to Salesforce. If you’d like to take advantage of this capability, we will need the following permissions: 

  • System Permissions 
    • Access Activities
    • Edit Tasks
  • Profile > Field-Level Security > Task
    • Edit Access
      • Comments
      • Related To
      • Name