Salesforce connector security

The ScheduleOnce connector for Salesforce is an official app in the Salesforce AppExchange and was approved by the Salesforce Security Review, ensuring the connector meets industry best practices for security.

ScheduleOnce communicates with your Salesforce organization in real time using the Salesforce API. The connection is completely secure, ensuring that your Customer data is safe and not put at risk.

When using the Salesforce integration, ScheduleOnce uses a Salesforce connected app to authenticate and provide tokens for use with Salesforce APIs. All API calls between ScheduleOnce and Salesforce are made via a special API User that is granted the ScheduleOnce permission set. This ensures that new records can always be created, and at the same time, the permissions of individual Salesforce users are not altered.

Below is how ScheduleOnce communicates with Salesforce:

  • Access your basic information (id, profile, email, address, phone) - Allows access to the Identity URL service.
  • Perform requests on your behalf at any time (refresh_token, offline_access) - Allows a refresh token to be returned if you are eligible to receive one. This lets the app interact with the user’s data while the user is offline. The refresh_token scope is synonymous with offline_access.

Advanced secure mode

If you require an extra layer of security, you can contact us to enable the advanced secure mode. When using this mode, you do not need to use the ScheduleOnce permission set and can control the permissions assigned to the connected API User. In addition, ScheduleOnce will not have access to the status of the package installation in your Salesforce organization. Learn more about customizing the API User profile when working in advanced secure mode

Was this article helpful?
Thank you for your feedback!