The &Open platform can synchronise gifting activity with your company's Salesforce account. Every time a user is added to a campaign within Salesforce, we can mirror this action in your campaign in &Open, meaning that your team can do a lot of their work without needing to leave Salesforce.

To configure this feature, we use what's called a “Connected app” in Salesforce, which is how you grant the &Open software access to read in campaign members and update records when gifts are selected. All the information that passes between the two systems is encrypted, and you can control which campaigns are visible to the &Open platform easily.

Though administering Salesforce can be sometimes intimidating, this process should only take 5–10 minutes.

To get set up, we’ll first access the “Setup” app in Salesforce, which is accessible from the gear menu in the top-right corner of the window.

Once in Setup, scan the sidebar navigation to find “App Manager” under “Platform Tools”. On this screen, press the “New Connected App” button in the top right.

This next screen is where we do most of the configuration of our app. We're going to name it, give it a set of permissions, and finally we’ll provide the certificate which allows all of the communications to be safely encrypted when &Open is transferring data to Salesforce.

You can name the app anything you like—we suggest “AndOpen Gifts” and the API name “AndOpen_Gifts.” The contact email should be your own, so other people on your team know who created the app. You can upload a logo for the app here to make it easier to identify—here is one you can use.

In the next section, check the checkbox for “Enable OAuth Settings”. For “Callback URL”, just put in our homepage, “https://andopen.co”.

In the lists for “Selected OAuth Scopes”, you need to enable two options: “Manage user data via APIs (api)” and “Perform requests at any time (refresh_token, offline_access)”. Enable these by pressing the arrow button to move them to the right-hand list. This gives the app access to users added to campaigns and lets the &Open app talk to Salesforce automatically when there are new activities to respond to. Leave all the other settings as their defaults.

Finally, on this screen, we'll create an encryption certificate and upload it as part of the app configuration. Check the box for “Use digital signatures” to enable the upload button for your certificate.

This step is slightly technical, but you can use the commands below to generate the file you need. Here’s Salesforce’s own documentation on this process. We’ll go through some steps, and 4 files will be generated on your machine as you go. When we’re finished, we’ll have a file called server.crt which is the certificate we will upload.

You should now have the following files created.

Upload the server.crt file to the “Use Digital Signatures” button we had earlier. Once that’s done and you’ve hit save, you can delete the files other than the server.key, which we'll need you to email to us as the final step.

You’ll see a warning about things taking up to 10 minutes to be enabled — just click “Continue” on this screen.

Your Connected app has been created and will begin to appear in Salesforce’s “App Manager” list, where we started. Our last step is just to set up the app so that it’s allowed to run on its own in the background without needing you to agree to each action it is taking.

Click the “Manage” button here and then “Edit Policies” on the following screen.

This is where we can set the app up to have scoped access to only certain parts of your Salesforce account — in particular, we want to make sure that any campaign that your team who send gifts have access to are also enabled for the &Open app so that we can do the synchronisation.

Under OAuth policies, set the “Permitted Users” dropdown to “Admin approved users are pre-authorized”. Press Save.

You’ll be brought back to the main page for your connected app. The final step is to scroll down to Profiles and click “Manage Profiles”. The next screen will show you a list of built-in profiles and any custom ones your organisation created. You want to give access that matches what your Sales & Marketing team may have — they need to be able to read & write the Campaign Object at least. We suggest ticking the “Marketing User” option and hitting Save again. If you have modified these roles or added more specific ones, you may need to pick one that can manage Campaigns.

To access Salesforce, we will need to be provided with a username. This user must be assigned the same Profile as the connected app was assigned (as above). This is typically either a pre-existing Salesforce admin user or a user created specifically for this integration.

The user must have the Marketing User Profile (or similar profile with at least the same permissions), as well as checking the Marketing User permission checkbox.

In addition the Profile settings must include "View All Data" as below.

Now we can grab the access details for this app that you will share back to &Open through your Account Manager so we can complete the configuration on our side. Go back to the main screen for your app (access by App Manager in the sidebar if you’re finding it difficult to get back here). Click on the “Manager Consumer Details” button. Before it gives you access, Salesforce may ask here for a code that they’ll email to you or a 2-factor code that you normally use when logging in.

You’ll get through to a page listing a long “Consumer key” and a “Consumer secret”. Both of these will look like very long complex passwords, for example:

We need five pieces of information from you to conclude this process:

Please email these details to your account manager or technical integrations point of contact. We’ll then apply the configuration so that you can start sending gifts directly from Salesforce.