Revenue Grid Integration with Salesforce Customer / Partner Community Environments¶
For users of the Email Sidebar on:
3 min read
Customer / Partner Community environment integration specifics¶
Tip
Also see this article to learn how to log in to a Salesforce Customer / Partner Community environment
Important
Revenue Grid supports only the following Salesforce Experience Cloud subdomains: force.com, salesforce.com, siteforce.com, my.site.com. If you use Experience Cloud site with the .force.com site URL, you might experience some login issues. Refer to this article to learn more about troubleshooting this issue
RGES Add-In and Sync engine provide a special possibility to capture CRM data for Salesforce Customer / Partner Community environments integrated with different MS Exchange or Google mail instances, i.e. authorized mail servers used by company’s partners or customers entitled to access specific segment of a shared CRM environment.
This is organized in the same secure and Salesforce config specific manner as for corporate infrastructures which include several dedicated email servers/domains, e.g. ones used by different branches of a company. Each RG backend unit is a multi-tenant entity, hosting multiple company entities as dedicated tenants and end user groups. Within this infrastructure, each tenant‘s and each user’s data is securely isolated from the rest and no unauthorized data access is possible. On new Customer / Partner Community users provisioning in the system, a HMAC-based server-to-server authentication scheme with request signing via a secret shared between the sender and the recipient is applied, along with protection from replay attacks involving a nonce value and timestamps, ensuring that provisioning requests are performed only by an entitled authorized party and this access is spoofing-proof.
No user data or access credentials are consistently stored or anyhow exposed to disclosing within RGES infrastructure, the system leverages Salesforce and Exchange/O365 or Google native data access authorization methods via individual users OAuth and other token types instead of access credentials.
For all such scenarios, in-org, different branch, or customer / partner community, users’ data handling is performed in an isolated targeted manner that always observes the access rules set for individual users or groups of users in Salesforce. When a provisioned customer / partner user gets server-side Sync activated and logs in to RGES Add-In, their access to the shared Salesforce environment is authorized via OAuth 2.0 or another supported mechanism and in this environment RGES has the same data viewing and editing permissions scope as the user has when they open their Salesforce account in a browser. A single email account is connected to a single designated Salesforce account and the system ensures that no unauthorized data access, modification, leakage, or hijacking is possible.
The data that a customer/partner community user may capture in Salesforce from their MS Exchange mailbox is defined by RGES’s selective or automated capturing mechanisms and Sync settings as well as the actual write/edit permissions on the Salesforce side.
Also note that RGES can work with up to 4 email aliases available for configured end users’ MS Exchange mailbox. See this article for more information.
The below diagram illustrates the backend architecture of individual users’ data processing in the RGES system.
>>> Click to see a screenshot <<<
Lightning Scheduler integration specifics¶
Tip
Also see this article to learn how to configure Lightning Scheduler integration for RGES
For RGES integration with Salesforce Lightning Scheduler, data processing also follows the same principles of security and isolation. The data being transferred for Lightning Scheduler integration purposes is solely the Free/Occupied slots information from the user’s calendar, no other details are read or transferred.
Even though Lightning Scheduler integration config involves a Salesforce Admin user account for connectivity authorization, calendar data transfers are carried out on the same “single MS Exchange mail account ↔ single associated Salesforce account” basis, ensuring that no unauthorized data access, modification, leakage, or hijacking is possible. This is also true for Customer / Partner Community Lightning Scheduler usage with RG Email Sidebar.
We would love to hear from you!