Nexus-SF Data Exchange Handshake Procedure

Step-by-Step Guide for Configuring the Handshake Between Salesforce (SF) and Engagement Hub for Data Integration.

Step 1: Create Connected App for BriefingEdge Integration

Open Settings - Custom Code - Remote Access

Create a new connected App for the Nexus Package.
1. Connected Apps - New - Create a Connected App

Go into the “Edit” view for newly created connected app.

Check the box for “Enable OAuth Settings” (1)
Add the following Callback URLs (CRMInstanceID (SFDCInstance) = 1) (2)
- https://w17.briefingedge.com/MVC2/Admin/SFDC/Authenticate?sfdcInstance=1
  *(The link above may have a differing SFDCInstanceID if you have more than 1 instance of SFDC linked to BriefingEdge. Confirm with BriefingEdge Team if unsure.)
- https://w17.briefingedge.com/MVC2/Account/OauthSuccess
Add the following OAuth Scopes into the “Selected OAuth Scopes” box (3)
- Manage User Data via APIs (api)
- Manage User Data Via Web Browsers (web)
- Perform requests on behalf at any time (refresh_token, offline_access)
Uncheck "Require Proof Key for Code Exchange (PKCE)"
Check:
- Enable for Device Flow
- Require Secret for WEB Server Flow
- Require Secret for Refresh Token Flow
Save the changes to the connected app

Note that you cannot skip steps 1 and 2 and just go to "Manage Connected Apps" to get this information, although it has that title in the header; you still have to go through remote Access, because otherwise the key and secret don't show up.

Step 2: Manage Connected App OAuth Policies

Open Setup - Connected Apps - Manage Connected Apps
Click “Edit” next to the BriefingEdge connected app that you create
Set the OAuth Policies - Permitted Users to “All users may self-authorize”
Set OAuth Policies - Refresh Token Policy to "Refresh Token is Valid until Revoked"

To set permissions at a more granular level you can follow instructions in This Article

Step 3: Create Integrated User

Step-by-step guide for configuring a Salesforce user with minimum access to allow integration. This configuration is designed to provide a secure, role-specific user profile that has the necessary permissions to ensure smooth integration without the need for full admin access. Instructions => here

Step 4: Generate API User security token

A user security token can be created if the user has a profile with access to the user interface (UI), not just the API, but another type of access.

You must generate a user-specific authorization code to obtain a user secret token. This code can be obtained by logging into your Salesforce account, going to Setup > My Personal Information > Reset My Security Token, and clicking the Reset Security Token button. The authorization code will be sent to your email address, which you can use to generate a new user secret token.

lightning/settings/personal/ResetApiToken/home

Step 5: Enable OAuth Username-Password Flows in Setup

Open Setup - OAuth and OpenID Connect Settings
Set Allow OAuth Username-Password Flows to “On”

Salesforce help article about this: Help And Training Community

Step 6: Get the information needed for the integration

Consumer Key & Consumer Secret

Open Settings - Remote Access - Manage Connected Apps - Click on the Manage Consumer Details - Verify your Identity - Copy the Consumer Key and Secret

Organization ID

Open Settings - Company Settings - Company Information - Copy the SF Organization ID

Salesforce API User credentials

username of your API user (check step 3)
password of API user (check step 3)
security token of API user (check step 4)

Step 7: Send info to the Nexus Team

Send the following information to the Nexus Team to be stored in the Database:

Consumer Key & Consumer Secret
Org ID
Salesforce API User credentials:
- username of your API user (check step 3)
- password of API user (check step 3)
- security token of API user (check step 4)

Step 8: Almost Done!

The Salesforce team will be informed once the Nexus team completes the integration.