Salesforce Communications Security

The Nexus managed package uses a username and password to connect to the Nexus SOAP API for:

• Visit requests from Salesforce
• “Log into Nexus” functionality from Salesforce

This username and password is used one time in the Nexusmanaged package installation process by a Salesforce administrator

Nexus uses OAuth set up by a Salesforce administrator to connect to Salesforce REST API for:

• Bulk opportunity data retrieval from Salesforce
• Data pushes from Nexus to Salesforce (custom objects)

Nexus uses OAuth for individual Salesforce users when pulling information during the booking process. This account does not need to be a Salesforce administrator. The following data is retrieved:

• Accounts
• Contacts
• Opportunities

These are standard REST API calls from Salesforce that follow all of the set permissions for each user, so that they only have access to the data that they would have access to inside of Salesforce itself.

Salesforce Communications and SSO

Although a client may choose to instantiate a Nexus web session based on the information that is provided through the Nexus API during the Visit Request process, or the “Log into Nexus” button; Single Sign On is also supported during this process, so that after a visit has been requested in Salesforce, the user can be directed through a client’s Identity Provider.

In this instance, the data for the visit request will be sent as described above, through the Nexus API, while the user will experience an SSO login before they arrive at the Nexus website.