Article #000001352
As a system administrator, you can set up AdvoLogix Matter Managementâs matter intake via an unauthenticated Force.com Site. The site's special characteristics make the implementation a unique experience. The Site is usually unauthenticated, i.e., it utilizes a guest user access that does not have a direct Salesforce login and thus, by definition, cannot authenticate to SharePoint (an external service).
The SharePoint connector v1.11 has introduced a new capability called Secured Logins. This allows your administrator to set up any user within your organization as a Secured Login that can be authorized to SharePoint. It can also power up the authorization flow within an automation that executes under the context of guest user access (such as an unauthenticated Force.com Site).
STEP 2: License Access
The guest site user (for the desired Force.com Site) must be assigned as a licensed user to the following packages:
- AdvoLogix Matter Management
- AdvoLogix Connector for SharePoint and Salesforce
STEP 3: Permissions necessary for the Automation Flow
Due to the latest changes and restrictions enforced by the Salesforce platform, guest users do not have direct access to any of the objects and data within those objects in your organization. For the integration to work successfully, care should be taken to give access to records so that the integration can work without errors.
Custom Metadata Types Access
- advpm.AdvoLogix Global Configurations
- shpoint.Folder Configuration
- shpoint.SharePoint Configuration
- shpoint.SharePoint Triggers Configuration
Custom Settings Access
- advpm.AdvoLogix Global Options
- advpm.AdvoLogix Global Options (List)
Object & Field Permissions
- Intake Forms from the AdvoLogix Matter Management package:
- READ permission necessary for the object.
- READ permission necessary for all fields.
- Intake Elements from the AdvoLogix Matter Management package:
- READ permission necessary for the object.
- READ permission necessary for all fields.
- Global Settings from the AdvoLogix Matter Management package:
- READ permission necessary for the object.
- READ permission necessary for all fields.
- Matters (or any objects used or referenced within the intake form):
- Access to relevant object-specific record types (if applicable).
- READ and CREATE permission necessary for the object(s).
- READ and EDIT permission is necessary for all relevant fields that have been used within the intake form.
- Folder Record Mappings from the AdvoLogix Connector for SharePoint and Salesforce package:
- READ and CREATE permission necessary for the object.
- READ and EDIT permission is necessary for all fields.
- SharePoint Events from the AdvoLogix Connector for SharePoint and Salesforce package:
- READ and CREATE permission necessary for the object.
- SharePoint User Configurations from the AdvoLogix Connector for SharePoint and Salesforce package:
- READ and CREATE permission necessary for the object.
- READ and EDIT permission is necessary for all fields.
Organization-Wide Sharing Settings
Necessary External Access For Objects:
Objects data sharing model should allow the records access. This can be achieved in either of the following ways:
- Set the Default External Access setting for the object to Public Read/Write.
OR - Create a Sharing Rule within the object Sharing Rules to share data with the external site guest user.
The above image is a sample realization of what the Guest Sharing Rule could be set as. It does not reflect that all external guest-sharing rules must be set with these parameters.
Sample Use Cases
- The CreatedById criteria makes more sense for sharing records that will be created as new in the background automation. We would like the newly created records to be available for reading to the guest user for further processing in the automation.
-
The CreatedById criteria will not work to share records that already exist in your org because they were created by different users.
For example, the SharePoint User Configurations object records already exist, so the criteria for this object should be Login As Enabled = True to ensure that SharePoint user configurations are shared with guest users where they are enabled as Secured Login.
List of objects that require the necessary data Sharing settings:
- Intake forms from the AdvoLogix Matter Management package.
- Intake elements from the AdvoLogix Matter Management package.
- Global Settings from the AdvoLogix Matter Management package.
- Matters or any objects that are referenced within the intake form from the AdvoLogix Matter Management package.
- Folder Record Mappings from the AdvoLogix connector for the SharePoint and Salesforce packages.
The SharePoint user configurations from the AdvoLogix connector for the SharePoint and Salesforce packages.
STEP 4: Setup Secured Logins under SharePoint Setup
An internal user or the Force.com Site guest user (that has been set up for intake) needs to be set up as a secured login.
Under the Secured Logins Manager, create a new secured login. In the user input lookup, search for and select the user you want to enable as the secured login.
As an administrator, you can either ask the respective user to log in using their Salesforce login or authorize them to SharePoint using their SharePoint login information.
đ§ TIP: You can select the Force.com Site guest user for the intake site you have set up as an unauthenticated Force.com Site and authorize the user to SharePoint from the Secured Logins Manager only.
STEP 5: Salesforce Flow To Create and Upload Document From Intake
To automatically create a SharePoint folder and upload the intake form submitted Salesforce Files to SharePoint, your administrator can create a new flow using the SharePoint: Upload Document flow template. Once your flow is generated, you can modify the flow to below-mentioned modifications:
Add a new Get Records element: Get Matter Record to read the newly created matter data from the intake form. Since you are using the SharePoint: Upload Document flow template, your matter can be read as:
- Field: Id
- Operator: Equals
- Value: {!Loop_Linked_Entities.LinkedEntityId}
Add a Create Folder (SharePoint integration provided action method) action element: Create or Get Mapped Folder to create or read an existing folder from SharePoint related to the matter.
Within the Create Folder action, the input parameters can be set as follows:
- Salesforce Record Id: {!Loop_Linked_Entities.LinkedEntityId} or {!Get_Matter_Record.Id} This is to input the record ID for the newly created matter record ID from the intake form submission.
- Folder Name: {!Get_Matter_Record.Name} OR any other flow variable that should resolve to your desired SharePoint folder name.
- Login As User Id: (optional) This value can be empty in case you have set up the Force.com Site guest user as a secured login and authorized that user to SharePoint.
OR
This should be an 18-character userâs record ID for the user who has been enabled as a secured login in the SharePoint Setup.
Modify the Upload Document (SharePoint integration provided action method) action element: Upload Document to SharePoint to upload the newly uploaded file from the matter intake to the desired SharePoint folder.
Within the Upload Document action, the input parameters should remain the same as what they have been set up initially from the SharePoint: Upload Document flow template.
- Login As User Id - (optional) This value can be empty if you have set up the Force.com Site guest user as a secured login and authorized that user to SharePoint.
OR
This should be an 18-character userâs record ID for the user who has been enabled as a secured login in SharePoint Setup. - Use Asynchronous Method - (required) Setting this to TRUE is required due to the nature of how the intake form submission works with creating a new SharePoint folder flow; we cannot call simultaneous call to Upload Document, as that will trigger a Salesforce platform-driven limitation error (You have uncommitted work pending. Please commit or rollback before calling out.) and that would break the flow and not upload the document to SharePoint. This must be set to TRUE when the Create Folder in the SharePoint element node exists in the flow.