PeopleImport - OAuth Login
OAuth Login generates a long-term login token. If Auto Login is checked, the user will still be able to log in EVEN IF THEIR SALESFORCE PASSWORD HAS BEEN CHANGED. When someone leaves the org, it is recommended that their user license in Salesforce be immediately deactivated and/or their login token be revoked. If a "generic" user is being used to access PeopleImport, the password should be changed and the token should be revoked.
If an organization DOES NOT wish to allow OAuth Logins (i.e. long-term tokens), the application can also be blocked completely. Users will still be able to access PeopleImport through the API Login, which does not allow logins with expired passwords.
User tokens can be revoked or the application can be blocked in Salesforce via Setup -> Manage Apps -> Connected App OAuth Usage. More information on Connected App OAuth Usage can be found in Salesforce's Help.
Note: Although PeopleImport usage can be monitored like a connected app, PeopleImport IS NOT a true connected app. The entire application can be blocked from using OAuth Login and/or specific users can have their current long-term token revoked. A new successful login will generate a new long-term token, therefore users cannot be fully blocked by revoking a token. Individual user access to PeopleImport is controlled solely on our authentication server and changes to access can be made by emailing our support department (support@validity.com).
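The revocation guidance above can be turned into a periodic review. The following is an added example, not part of PeopleImport or Salesforce: it takes a token usage list and a user list and reports which tokens should be revoked. The field names, the sample rows and the "PeopleImport" app label are assumptions made for illustration.

```python
from datetime import datetime

APP_NAME = "PeopleImport"  # assumed label of the app in the usage list

# Constructed sample data; field names are hypothetical, not a Salesforce schema.
USERS = {
    "alice@example.com": {"active": True, "password_changed": "2024-01-10"},
    "bob@example.com": {"active": False, "password_changed": "2023-11-02"},
    "import.svc@example.com": {"active": True, "password_changed": "2024-03-01"},
}
TOKENS = [
    {"username": "alice@example.com", "app": "PeopleImport", "issued": "2024-02-01"},
    {"username": "bob@example.com", "app": "PeopleImport", "issued": "2023-12-15"},
    {"username": "import.svc@example.com", "app": "PeopleImport", "issued": "2023-09-20"},
    {"username": "alice@example.com", "app": "Other App", "issued": "2023-01-01"},
    {"username": "carol@example.com", "app": "PeopleImport", "issued": "2024-02-20"},
]


def _day(value):
    """Parse a YYYY-MM-DD string into a date."""
    return datetime.strptime(value, "%Y-%m-%d").date()


def tokens_to_revoke(tokens, users, app_name=APP_NAME):
    """Return (username, reason) pairs for tokens that should be revoked."""
    findings = []
    for tok in tokens:
        if tok["app"] != app_name:
            continue  # only review tokens issued to the app in question
        user = users.get(tok["username"])
        if user is None:
            findings.append((tok["username"], "no matching user record"))
        elif not user["active"]:
            findings.append((tok["username"], "user deactivated"))
        elif _day(tok["issued"]) < _day(user["password_changed"]):
            # A long-term token issued before a password change still works.
            findings.append((tok["username"], "token predates password change"))
    return findings


if __name__ == "__main__":
    for username, reason in tokens_to_revoke(TOKENS, USERS):
        print(f"revoke {username}: {reason}")
```
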
Non SSO Logins Using OAuth
1. Set Login Options
- Auto Login: Checked: Saves the password AND automatically logs the user in
- Check BEFORE entering login info (existing login info cleared when initially checked)
- When checked, the login screen will no longer be displayed when launching PeopleImport
- Once logged in successfully, the OAuth Auto Login checkbox can be unchecked in the PeopleImport - Options - General Settings
- Sandbox Login: Checked: Redirects the OAuth login to the sandbox (test) login servers
- NO custom endpoint is needed in Proxy / Endpoint Setup
- Can leave unchecked if a sandbox custom domain is specified
- Will work with or without this box checked when a custom domain for the sandbox is specified
- Custom API Version: Check and specify the desired API version
- By default, PeopleImport will use the API Version the current version was built on
- Newer API versions can be specified to access new Account/Contact/Lead fields in the latest Salesforce Release(s)
- Custom Domain/Set: If the org has a custom domain defined, enter it here and click Set to save for future logins
- DO NOT include my.salesforce.com, i.e. enter xyz vs. xyz.my.salesforce.com
- For sandboxes, include the sandbox name and cs server (company--sbname.csX), i.e. xyz--test.cs7
- Optional for non SSO OAuth logins
2. Enter the Salesforce username and password
3. Click Log in to Salesforce
- Select "Allow" when prompted by Salesforce to confirm the login
SSO Logins Using OAuth
Example using okta as the SSO provider:
1. Set Login Options
- Auto Login: Checked: Saves the SSO credentials and automatically logs the user in
- Check BEFORE entering login info (existing login info cleared when initially checked)
- Required when running PeopleImport as a Scheduled Job
- When checked, the login screen will no longer be displayed when launching PeopleImport
- Once logged in successfully, the OAuth Auto Login checkbox can be unchecked in the PeopleImport - Options - General Settings
- Sandbox Login: Leave unchecked for SSO logins
- SSO provider settings determine if the login is done to the production or sandbox servers
- Set the Custom Domain of the sandbox instead (see last bullet)
- Custom API Version: Check and specify the desired API version
- By default, PeopleImport will use the API Version the current version was built on
- Newer API versions can be specified to access new features (i.e. new tables/fields) in the latest Salesforce Release(s)
- Custom Domain/Set: REQUIRED for SSO logins
- Enter the custom domain and click Set to save for future logins
- DO NOT include my.salesforce.com, i.e. enter xyz vs. xyz.my.salesforce.com
- For sandboxes include the sandbox name and cs server (company--sbname.csX), i.e. xyz--test.cs7
2. Enter the SSO username and password and sign in.
Logging into Sandbox Using OAuth
Redirecting the login information to the sandbox servers is pretty simple with OAuth login. For non SSO users, just check the Sandbox Login checkbox at the bottom of the login screen. Once checked, you should notice that the Log In box changes to Log In to Sandbox. SSO users should NOT check the option, and instead enter the Custom Domain of the sandbox, e.g. xyz--test.cs7, and click Set.
Once the login screen is updated to say Log In to Sandbox, simply enter the username and password for the sandbox. To switch back to production, uncheck the box or update the Custom Domain to the production domain, e.g. xyz, and click Set.