For more information about plan types and capabilities, see Vanta's pricing page
Trust Center's Salesforce integration provides an easy way to leverage automation when granting access to your report. This integration allows you to control who should be automatically approved for access and who should be required to sign an NDA by leveraging the data you already have in your Salesforce records.
Connecting with Salesforce
From the left-hand navigation panel, select Integrations
Search for Salesforce and choose Connect
Link your Salesforce instance with the Full API Access option selected
Once you've successfully connected your Salesforce account, navigate to settings and configure your desired auto-approval and NDA bypass settings
Note: There are two options for If request meets condition
Salesforce Contact matches the email
This will match the exact email addresses found in your Salesforce Contact records
Salesforce Contact matches the email domain
This will match against the email domain of any Contacts found in your Salesforce records. For example, “joan@customer.com” will match against “dan@customer.com”
In addition to matching Contacts, you can optionally configure a boolean field that must be set to true on the linked Account to that Contact for the auto-approval to go through
Once these rules are in place, viewers who have been auto-approved appear in the viewer's table with the Salesforce logo
Trust Center Salesforce Integration: Required Permissions
The Trust Center Salesforce integration requests the api and refresh_token OAuth scopes. From Salesforce’s documentation about the api scope:
“Allows access to the current, logged-in user’s account using APIs, such as REST API and Bulk API 2.0.”
In other words, the Trust Center Salesforce integration’s access is determined by which account initiates the OAuth linking flow in Vanta. To limit the integration’s access, we recommend creating a separate service user with limited permissions in Salesforce and linking with that user.
(Note: If you’re already currently logged into your own Salesforce account, you may need to log out first before clicking “Connect Salesforce” in order to link with the service user)
Required permissions by feature
The following permissions are necessary for the following capabilities:
Augmenting viewer data in Activity and Access Requests for contacts found in Salesforce
Automated access approvals
NDA Bypass
While we recommend granting access to all non-sensitive default fields on these objects to avoid functionality breaking if we request more information in the future, the minimal required permissions are the following:
Accounts
Object Permissions
Read
Field Permissions
Read Access
Name
Type
OwnerId
Contacts
Object Permissions
Read
Field Permissions
Read Access
Email
AccountId
Name
Revenue Tracking
If you’d like to take advantage of the Revenue Tracking reporting features, we will the above permissions and read access to opportunity objects in Salesforce.
While we recommend granting access to all non-sensitive default fields on opportunities to avoid functionality breaking if we decide to request more information in the future, the minimal required permissions are the following:
Opportunity
CloseDate
Amount (or equivalent custom field specifying revenue*)
Stage (or equivalent custom field specifying opportunity stage*)
CurrencyIsoCode (if multi-currency is enabled)
*For opportunity stage and revenue, you can specify custom fields to use over the defaults from within the Trust Center settings page.
Lead Creation
Vanta Trust Centers now has the ability to create leads in SFDC for viewers that are not found in Salesforce. If you’d like to take advantage of this capability, we will need the following permissions:
Object Settings
Lead
Object Permissions
Create
Field Permissions
Edit Access
Email
Name
Company
Create Salesforce Task
Vanta Trust Centers can now push Trust Center activity to Salesforce. If you’d like to take advantage of this capability, we will need the following permissions:
System Permissions
Access Activities
Edit Tasks
Profile > Field-Level Security > Task
Edit Access
Comments
Related To
Name