Salesforce
FortiCASB offers an API-based approach, pulling data directly from Salesforce via RESTful API. Authentication is done through OAUth2.0. FortiCASB uses an access token for API queries.
Prerequisites
To use API access, your organization must be using one of the following editions (the API is enabled by default):
- Enterprise Edition
- Unlimited Edition
- Developer Edition
- Performance Edition
The user account installed in FortiCASB must have the following permissions:
- View All Data
- View All Users
- API Enabled
You may either use an existing account or create a new account. If you create a new account, wait at least 24 hours for the new account to take effect before granting access to FortiCASB.
The following features require "Manage Users" permission as well:
Without "Manage Users" permissions, FortiCASB cannot obtain user login IPs. Therefore, any user activity will not appear on the Activity map. |
Installation
- Log into FortiCASB, go to Dashboard > Business Unit Overview, and click Add New.
- Select Salesforce, and click Add Selected Cloud App.
- You will be prompted to re-direct to Salesforce for authentication. Click OK to continue.
- Log in to authenticate. If you have a custom Salesforce domain, enter it here.
- Click Allow to grant FortiCASB permissions to monitor your Salesforce application.
Salesforce will prompt you to allow or deny access.
After you click Allow, you will be redirected back to the FortiCASB dashboard.
You can check the installation result and SaaS platform monitoring status in the Salesforce dashboard.
For more information on common installation issues, see "Troubleshooting". |