Integration using Salesforce Canvas
- 2. SalesforceCodex.com 2 Overview:- What is Canvas:- Canvas enables you to easily integrate a third-party application in Salesforce. Canvas is a set of tools and JavaScript APIs that you can use to expose an application as a canvas app. This means you can take your new or existing applications and make them available to your users as part of their Salesforce experience. Important Entity:- Authentication Context Cross-domain XHR Events Canvas Apps in Visualforce Canvas Scenarios•Application integration—You’re a partner, systems integrator, or customer that builds cloud apps, and you’d like to integrate these applications with Salesforce. •Application rationalization/enterprise desktop—You’re a large organization that has many existing apps that your users access in addition to Salesforce. You’d like to integrate these apps into Salesforce so that users can accomplish all of their tasks in one place.
- 3. SalesforceCodex.com 3 Continue:- canvas app is also a kind of connected app. You can consider canvas app as connected app with some enhanced features to make it work seamlessly with external apps within Salesforce UI. Some of these additional features are: a) canvas app settings has 'Access Method' option which simplifies the way your connected app is getting authenticated and authorized. This is important when you want to have your canvas app do authentication and authorization behind the scene without having user know about it. b) Canvas app framework provides Lightweight and easy-to-use JavaScript libraries. c) Canvas app framework natively provides 'Context Services' which tells more about the logged-in user, what org are they in, how much area does the canvas provide to display etc. d) It natively allows cross-domain API calls. e) It is based on lightweight JSON eventing framework which allows your apps to publish and subscribe to events. (the events are sent through Canvas API). So, in summary, above said additional features on top of connected app makes a canvas app
- 4. Important parameters:- • Authentication—signed request or OAuth 2.0. • Context. • Cross-domain cross-domain XML HTTP requests . • Resizing—M • Events—Events provide a JavaScript-based way to send and receive events between canvas apps. • Canvas Apps in Aura—An Aura component that lets you expose your canvas app in a custom Aura component. • Canvas Apps in Visualforce • Canvas Apps in the Publisher • Canvas Apps in the Chatter Feed • Canvas in the Salesforce Mobile App SalesforceCodex.com 4
- 5. SalesforceCodex.com 5 Canvas can be placed in salesforce:- Chatter Feed—The canvas app appears in the feed. If this option is selected, you must create a CanvasPost feed item and ensure that the current user has access to the canvas app. Chatter Tab—The canvas app appears in the app navigation list on the Chatter tab. If this option is selected, the canvas app appears there automatically. Console—The canvas app appears in the footer or sidebars of a Salesforce console. If this option is selected, you must choose where the canvas app appears in a console by adding it as a custom console component. Visualforce Page—The canvas app can appear on a Visualforce page . If you add an <apex:canvasApp> component to expose a canvas app on a Visualforce page, be sure to select this location for the canvas app; otherwise, you’ll receive an error Layouts and Mobile Cards—The canvas app can appear on a page layout or a mobile card. If this option is selected, you choose where the canvas app appears by adding it to the page layout. Mobile Nav—The canvas app is accessible from the mobile app navigation menu. Open CTI—The canvas app appears in the call control tool. If this option is selected, you must specify the canvas app in your call center’s definition file for it to appear. Publisher—The canvas app appears in the Chatter publisher and action bar. If this option is selected, you must also create a canvas custom action and add it to the global publisher layout or to an object’s page layout.
- 6. SalesforceCodex.com 6 Authentication and Permission:-Permission:- The following user permissions are required to create canvas apps and view them in the Canvas App Previewer:“Customize Application” •“Modify All Data” •User Interface Considerations Authentication When you create a canvas app, you can use one of the following authentication methods: Signed request—The default method of authentication for canvas apps. The signed request authorization flow varies depending on whether the administrator gives users access to the canvas app or if users can self-authorize. The signed request containing the consumer key, access token, and other contextual information is provided to the canvas app in one of these ways: The administrator allows access to the canvas app for the user. The user approves the canvas app in the OAuth flow. OAuth 2.0—Canvas apps can use the OAuth 2.0 protocol to authorize and acquire access tokens. Signed Request Authentication The signed request authorization flow varies depending on whether the canvas app’s Permitted Users field is set to "Admin approved users are pre-authorized" or "All users may self-authorize."
- 7. SalesforceCodex.com 7 Canvas Configuration:- Permitted Users Value Canvas App Accessibility When the User Needs to Approve the Canvas App POST or GET Behavior Admin approved users are pre- authorized The app is accessible to users as soon as the administrator installs it in the organization and configures which users can see it. Users don’t need to approve or deny access. Never Salesforce performs a POST to the canvas app with all the authorization information contained in the body of the signed request, including the refresh token. All users may self-authorize The app is accessible to all users, but the user is prompted to approve or deny access to the app. •The first time that the user opens the app •If the access token is revoked by the administrator •If the administrator sets a time limit on the token and that time limit is exceeded 1.If the user has previously approved the app and the access hasn’t been revoked or expired, Salesforce performs a POST to the canvas app with a signed request payload.If the user hasn’t approved the app, or if the access has been revoked or expired, Salesforce performs a GET to the canvas app URL. The canvas app must handle the GET by accepting the call and looking for the URL parameter _sfdc_canvas_authvalue. If the canvas app receives this parameter value, the canvas app should initiate the approve or deny OAuth flow._sfdc_canvas_authvalue = user_approval_required After the OAuth flow is initiated and the user approves the app, the canvas app should call the repost() method with a parameter of true to retrieve the signed request.
- 8. SalesforceCodex.com 8 How Canvas works:-
- 10. salesforcecodex.com 10 Keep Exploring. Keep Learning.