This article provides instructions for connecting your Salesforce to the Expel Workbench.
-
Salesforce Shield or Real-Time Event Monitoring is required.
-
Find your Salesforce domain. Save this information for later use.
-
Make sure Real-Time Event Monitoring streams are enabled for all available event objects. Click this link for more information about real-time event monitoring.
Step 1: Create Profile for access control
Salesforce uses profiles to manage user access to data, so the first step is to create a profile for Expel.
-
In Salesforce, navigate to Profiles.
-
Clone the Read Only profile and name it Expel. Click Save.
-
Verify that API Enabled is selected under Administrative Permissions.
-
Enable Customize Application Permissions under Administrative Permissions. This is required to enable Logout Events.
-
Enable View Real-Time Event Monitoring Data under General User Permissions.
-
Click Save Profile.
Step 2: Create Expel user
Now that the Expel profile is created, the next step is to create a user with that profile.
Note
Expel secures all login information our SOC analysts need about your devices in a MFA password product. Access to this login information is protected using our internal MFA processes. To learn more about the IP addresses all Expel traffic comes from, go here.
-
Navigate to Users.
-
Click New User.
-
Type in the required information:
-
For Last Name type ExpelAPI.
-
For Alias type expelapi.
-
For Email: soc+<Your_Organization_Name>@expel.io.
Tip
Yes, the "+" sign is part of the email address, and it's important. Click here to find out why.
-
For Username and Nickname use the Salesforce default entries.
-
For Role select any role.
-
For User License select Salesforce.
-
For Profile select Expel.
-
-
Reset Password for the user.
Note
The new password is sent to the email address for the Expel Salesforce User.
Step 3: Get security token
-
From your personal settings, type reset in the Quick Find text box, and then select Reset My Security Token.
-
Click Reset Security Token.
Note
The new security token is sent to the email address for the Expel Salesforce User.
Step 4: Create connected app
-
Login to Salesforce with the same user credentials that you want to collect data in your Salesforce deployment.
-
From Setup, type
App Managerin the Quick Find text box, then select App Manager. -
Click New Connected App.
-
Type the connected app name (Expel), which appears in the App Manager and on its App Launcher tile.
-
Type the API name.
Tip
The default is a version of the name without spaces. Only letters, numbers, and underscores are allowed. If the original app name contains any other characters, edit the default name.
-
Type your contact email for Salesforce.
-
In the API (Enable OAuth Settings) area of the page, select Enable OAuth Settings.
-
Select Enable for Device Flow.
-
Select the following OAuth scopes to apply to the connected app:
-
Manage user data via APIs (api)
-
-
Note
It can take about 10 minutes for the changes to take effect.
-
Retrieve the Consumer Key and Consumer Secret from the app page.
Note
Save this info for later use.
Step 5. Connect your technology to Workbench
-
In a new browser tab, log into https://workbench.expel.io.
-
On the console page, navigate to Organization Settings and click Security Devices.
-
At the top of the page, click + Add Security Device.
-
Type in the required information:
-
For Name create a name.
-
For Location type the physical location of your Salesforce domain.
-
For Salesforce domain type your Salesforce domain info from Before You Begin.
-
For Client ID type the Connected App’s Consumer Key.
-
For Client secret, type the Connected App’s Consumer Secret.
-
For Username type the Expel user’s username.
-
For Password type the Expel user’s password.
-
For Security token, type the Expel user’s security token.
-
Comments
0 comments
Please sign in to leave a comment.