Checklist before installing a Salesforce integration
We recommend verifying the following requirements before installing the Salesforce integration:1. Verify your Salesforce edition supports API access
Salesforce editions offer different levels of API access, which can affect Salesforce integrations in Ampersand. Before setting up your Salesforce integrations, you must confirm whether your specific Salesforce edition includes API access. Some editions include full API access by default, while others may offer limited access or require additional purchases. To evaluate if your Salesforce edition supports the necessary API access for this integration, please refer to Salesforce’s official documentation on API access by edition. If your Salesforce edition does not include the required API access, contact your Salesforce account representative to upgrade your edition.2. Configure token policy settings
Salesforce access tokens expire after a certain period. To ensure your integration continues working without interruption, you need to set your refresh token policy to Refresh token is valid until revoked. Here’s how to configure this setting in Salesforce:- Log in to Salesforce.
- Go to Setup.
- In the Quick Find box, search for Connected Apps.
- Click on Manage Connected Apps.
- Find and click on the name of the application you are integrating with.
- Scroll down to the OAuth Policies section.
- Look for Refresh Token Policy.
- Under IP Relaxation, select Relax IP restrictions.
- Make sure the refresh token policy is set to Refresh token is valid until revoked.

- Click Save.
3. Check API access control settings
Salesforce allows administrators to restrict which applications can access Salesforce data through APIs. You need to ensure that API access isn’t limited to only specific connected apps. To verify your API access control settings:- Log in to Salesforce.
- Go to Setup.
- In the Quick Find box, search for Connected Apps OAuth Usage.
- Under the list of connected apps, find your app and click Manage App Policies.
- In the OAuth Policies section, ensure the Permitted Users status is one of:
- Admin approved users are pre-authorized - only selected users can access.
- All users may self-authorize - all users can access the app.

- Click on Install next to your connected app.
- In the OAuth Usage and Policies section, set the appropriate permissions level.
- Click Save.
4. Ensure sufficient permissions for installing user
The user that installs the Salesforce integration should either be:- a System Administrator
- or a user that has been assigned a User Profile with sufficient permissions, it is best to create a new custom User Profile for this purpose.
Create a custom User Profile
To create a new User Profile:- Log in to Salesforce.
- Go to Setup.
- In the Quick Find box, search for “Profiles”.
- Click on the New button.
- Choose an existing profile to clone, we recommend Standard User. Please ensure that you clone a User Profile with the Salesforce User License. The Salesforce Platform User License is insufficient.

View and edit permissions for a User Profile
Follow the steps above to go to the Profiles page, and then:- Select the User Profile you’d like to view and edit.
-
Click Edit at the top of the page.
- Ensure the checkboxes for the necessary permissions below are checked.
- Click Save at the top or bottom of the page.
API Enabled
- One of the following:
Approve Uninstalled Connected Apps
- Choose this if API Access Control isn’t enabled.
Use Any API Client
- Choose this if API Access Control is enabled. This can be enabled by contacting Salesforce Customer Support.
- If your integration is using Subscribe actions:
View Setup and Configuration
View Roles and Role Hierarchy
Manage Custom Permissions
Customize Application
Modify Metadata Through Metadata API Functions
Allows Users to Modify Named Credentials and External Credentials
Object permissions for a User Profile
You need to ensure that the User Profile has the correct permissions for all the objects that the integration needs to have access to (e.g. Account, Lead). To view the object permissions that a particular User Profile has:- Search for Object Manager.
- Select the object of interest.
- Go to the Fields & Relationships tab.
- Check field-level access for the relevant profiles. Please refer to Salesforce documentation
View All Records
View All Fields
Modify All Records