Month: March 2016

Security Tokens in Salesforce.com

Security Tokens in Salesforce.com

In this Salesforce Tutorial, we are going to learn about Security Tokens in Salesforce.com, how to reset security token in salesforce.com and why security token is used in Salesforce.com.

Why Security Token is used in Salesforce.com?

Force.com has an additional layer of access for external and client application. If a user running a development tool like Data loader or Force.com IDE or developing a web application which uses Web services API, every user must append a security token at the end of their passwords. Security Token in Salesforce are used at the end of the passwords if the IP address is outside of the trusted IP range. If the IP address is in trusted range, then there is no need of Security Token.

  • Security Token is automatically generated which have 24 characters, alphanumeric string.
  • They are case sensitive.
  • It is used only once, every time new security token must be generated.

How Security Token is Sent to User?

When a user want’s to reset their passwords a new security token will be sent automatically to user email address. To get Security Token, user must go to reset security Token settings. To rest your security token follow the steps given below.

How to reset Security Token in Salesforce.com.

To receive or reset security token follow the steps given below.

  • Go to Setup=>Personal Setup=>My Personal Information=>Reset Security Token.

Security Tokens in Salesforce.com

Click on reset Security Token button, automatically email will be sent to the user.

How to use security token?

Every time security token must be added immediately after the password. If a user have password is “password” and new generated security token is “xyzabc” then user must enter as “passwordxyzabc”. We must be very careful when reseting administrator password as it may affect running applications and lock users out. It is advised that for external application we must create new “API-only” user and set it password to never expire.

Session Security in Salesforce.com

Session Security in Salesforce.com

In this salesforce tutorial we are going to learn about Session Security in Salesforce.com, what is session security in salesforce and how can we configure session timeout in salesforce.

What is session security in salesforce.com?

 Session security in salesforce.com is that which limits exposure to network when a user leaves their computer unattended while still logged on.

When a user login into salesforce.com, then a session cookie is issued to record encrypted authentication information for the duration of a the session. Here Session security prevents user to expose to network when a user leaves their computer unattended while still logged in. Every user can configure session timeout within the Organization. By default session timeout is two hours, we can change the session timeout. When a user’s session times out, a popup window will be displayed on the screen and asks the user to continue working or log out. Now user must respond to the dialog. If they do not respond to the Session timeout dialog at all, they are automatically logged out.

How to configure session settings in Salesforce.com?

Every salesforce user can edit these setting by the following steps.

  1. Go to Setup -> Administration Setup -> Security Controls -> Session Settings.Session Security in Salesforce.com
  2. After clicking on Session setting a new page will be displayed which shows settings like session timeout, session settings, caching, clickjack protection, cross-site Request Forgery (CSRF) protection, Content Security Policy protection, Session security level and logout page settings.
  3. In Session timeout session we can set timeout value from 15 minutes to 12 hours.

Session Security in Salesforce.com

4.And finally save all the settings.

In session settings we can lock sessions to ip address, domains and also we can enable cache and autocomplete on login page. And also we can set logout page url in logout page settings. When we add logout Url starts with HTTP or HTTPS it redirect users to a specific page after they log out of Salesforce.

User Security and Authentication in Salesforce.com

User Security and Authentication in Salesforce.com

When a new salesforce.com account in created, a unique “Organization ID” is generated. This Org ID is very important at the time that we contact salesforce.com for support, billing or activation of features. This Org ID is used for both security and data access.

Overview on Production ID and Organization ID.

Production ID and Org ID are different. Our production ID will always remain the same but a new Organization ID will be generated each time your refresh a sandbox. So if any third party tools are licensed with this Org ID will get effected. Every user must have unique username and password to login into the platform. This determines the instance and Org ID for the user and ties these identifiers to their session. Each request to the platform utilizes this session and the associated Org ID to segment and compartmentalize data protecting your company’s data from users outside your Org.

How to find Organization ID in Salesforce.com?

TO check salesforce.com Organization ID user must login into salesforce account using username and password. Then go to Setup=>Administer=>Company=>Company Information. On selecting company information we can observe a filed named with salesforce.com Organization ID.User security and Authentication in salesforce.com

Authentication using Single Sign On.

In Salesforce.com usernames must be unique across all production and sandbox environments. Production Organisations cannot have the same username “myusername@mydomain.com”, but same user name can exist in both a production and a sandbox Org. Every Company utilize single sign-on(SSO) to simplify and standardize user authentication through delegated or federated authentication in salesforce.

What is Single Sign On(SSO)?

Single Sign on is the process that allows all networks users to access authorized network resources through single username and password with out having different usernames and passwords.

There are two types of authentication in salesforce.com they are delegated authentication and federated authentication.

What is Federated Single Sign on Authentication.

In salesforce, if Federated single sign on Authentication is enabled then the salesforce does not validate user’s password. Instead of validating user’s password salesforce verifies an insertion in the HTTP POST request and allows single sign on if the assertion is TRUE, if assertion is false salesforce does not allows SSO.

What is Delegate Single sign on Authentication.

Delegate Single Sign-On authentication is the second type of Single sign on in salesforce. If this type is enabled, salesforce allows web services to our organization to establish authentication credentials to the users instead of validating the users passwords.

What is Salesforce.com?

What is Salesforce.com?

What is Salesforce.com is the question raised for the candidates new to Salesforce.com. “Salesforce.com is software as a service (SaaS)“, which means customers need not to install software and servers to maintain.  In salesforce.com we have to sign up an account and instantly we can use the software to run our business. Generally Salesforce.com offers a 30 trial and since there is no contract, you can cancel at any time and walk away if it’s not a fit for your business.

Salesforce.com consists of several products like Sales, Service & Support, Partner Relationship Management, Marketing, Content, Ideas, Analytics, and Chatter. In Salesforce.com developer can extend the system by writing applications using Apex and Visualforce languages on the Force.com platform. In recent times most companies get started on salesforce.com to track their valuable customers efficiently.What is Salesforce.com

What is Salesforce CRM? Salesforce CRM definition?

Salesforce CRM is a set of business processes and integrated application that help companies manage customer information, activities, and conversations in one centralised location.

Different Salesforce clouds.

Generally Salesforce.com provides services in four types of clouds they are

  1. Sales Cloud.
    1. Accounts and Contacts.
    2. Marketing and Leads.
    3. Opportunities and Quotes.
    4. Approval and Workflow.
    5. Email and Productivity.
    6. Content Library.
    7. Analytics and Forecasting.
    8. Chatter.
    9. partners.
    10. Mobile.
    11. Jigsaw Data Services.
    12. AppExchange and many more.
  2. Service Cloud.
    1. Case Management.
    2. Call Center.
    3. Contracts and Entitlements.
    4. Customer Portal.
    5. Knowledge.
    6. Analytics.
    7. Chatter.
    8. Email.
    9. Community.
    10. Partners.
    11. Approval and Workflow.
    12. AppExchange.
  3. Collaboration Cloud
  4. Force.com Custom Cloud.

Advantages and benefits of Force.com.

Building applications on the Force.com platform is faster, less expensive, and produces higher quality applications than building on traditional on-premises platforms. Industry Force.com platform is 5X faster at ½ the cost because of cloud computing.

  1.  Delivers faster time to value.
  2. Requires no up-front capital expenses.
  3. Minimises operational costs.
  4. Requires fewer technical resources.
  5. Simplifies integration.

Salesforce.com Pricing and Editions.

Salesforce.com offers three service cloud editions that you can choose. Each edition has slightly different functionalities and pricing. They are

  1. Professional.
  2. Enterprise.
  3. Unlimited.