Salesforce API Integration Prerequisites
Before you can integrate Salesforce via API, make sure the following prerequisites are in place.
- Skyhigh CASB for Salesforce - DLP App. Install the Skyhigh CASB for Salesforce - DLP app to your Salesforce instance. Get it from the AppExchange here: https://login.salesforce.com/packagi...4t0K000000bCll
- Event Monitoring. If your organization uses Salesforce Shield, enable Event Monitoring on the target Salesforce instance before integrating with Skyhigh CASB. This requires assistance from Salesforce. For more information, see https://help.salesforce.com/articleView?id=Enabling-Event-Monitoring&type=1&language=en_US.
- Salesforce Permissions. Enable the following Permissions in Salesforce for the Service User that is used to enable API integration with Skyhigh CASB:
- Administrative Permissions
- API Enabled
- Chatter Internal User
- Create and Customize Dashboards
- Create and Customize List Views
- Create and Customize Reports
- Create and Setup Communities
- Create Dashboard Folders
- Create Report Folders
- Edit My Dashboards
- Edit My Reports
- Manage Categories
- Manage Dashboard in Public Folders
- Manage Public Documents
- Manage Public List Views
- Manage Public Templates
- Manage Reports in Public Folders
- Modify All Data
- Transfer Record
- Use Team Reassignment Wizards
- View All Data
- View Dashboards in Public Folders
- View Help Link
- View Reports in public Folders
- View Setup and Configuration
- General User Permissions
- Allow View Knowledge
- Assign Topics
- Connect Organization to Environment Hub
- Convert Leads
- Create Topics
- Delete Topics
- Edit Events
- Edit Tasks
- Edit Topics
- Import Leads
- Import Solutions
- Run Reports
- Transfer Leads
- View Event Log Files
- View Platform Events
- Custom Object Permissions
- Check all permissions for SHNEvents Object
- Apex Class Access
- SkyhighNetworks.SHNDeleteEventsController
- SkyhighNetworks.SHNPostInstall
- Add a user to Salesforce with system admin privileges. To make the API integration successful, this user should not be part of the SSO system.
- Administrative Permissions
- Salesforce Field-Level Security
The Salesforce feature named "Field-level security" let's you restrict users’ access to view and edit specific fields. To ensure that Skyhigh CASB can access the event feed via API, please make sure that the role assigned to the API user has _no_ field-level restrictions. Especially not for the "SHNEvent" APEX Object which is installed with the Salesforce Add-In Package.