Salesforce Einstein Analytics Deployment

Salesforce Einstein Analytics components can be deployed in orgs via three ways:

If the Einstein Analytics components will be deployed to a related org then Change set is the best option.
Else Package-based metadata deployment using VS Code is the freeware to carry out the deployment.

There are deployment tools like AutoRabit, Copado Gearset etc who supports Einstein Analytics component deployment seamlessly but the assumption here is customers don’t have a license of any of those tools.

Before starting, please make sure who is carrying out the deployment has the below permission

  • Manage Analytics
  • API enabled
  • Modify Metadata
  • Modify All Data

Below is the package.xml

<types>
  <members>Analytics</members>
  <name>Settings</name>
<members></members>
  <name>WaveApplication</name>
<members></members>
  <name>WaveDataflow</name>
<members></members> 
  <name>WaveDashboard</name>
<members></members>
  <name>WaveDataset</name>
<members></members>
  <name>WaveLens</name>
<members></members>
<name>WaveComponent</name>
<members></members>
  <name>WaveRecipe</name>
<members></members>
  <name>WaveXmd</name>
</types> 
  • Security Predicates update is a post deployment manual task

Connect to the source org from VS code and retrieve the components using the above xml. Then connect to the destination org and deploy.

Please be cautious about any component override.

Change set based deployment link

https://help.salesforce.com/s/articleView?id=sf.bi_packaging_migrate.htm&language=en_US&r=https%3A%2F%2Fwww.google.com%2F&type=5

Salesforce: Send Email delivery to Gmail, Yahoo

Let’s consider a use-case of this problem:

The customer is using email2case. When customers send an email to the support email ( like product@domain.com) then a case is successfully created. Now, from Console when an Agent replies back to the customer from Feed->Send mail the email is NOT reaching the customer.

Solution:

1. Create DKIM key in Salesforce

https://help.salesforce.com/s/articleView?id=emailadmin_create_secure_dkim.htm&type=5&language=en_US

2. publish the CNAME and alternate CNAME to the DNS server. You may need to involve your infrastructure IS and email domain admin

3. Once done, wait for few hours and activate the DKIM key in Salesforce. 

4. Next is to have Salesforce SPF added in your DNS’s SPF records. Below is the article for reference:
Include Salesforce in Your SPF Record
https://help.salesforce.com/articleView?id=sf.emailadmin_spf_include_salesforce.htm&type=5

5. Once you have activated DKIM and SPF, we recommend you to disable the below deliverability settings:
– ‘Activate bounce management’
– ‘Enable compliance with standard email security mechanisms’

Salesforce: email notifications from corporate email domain

If you want to send email notifications (like case status change, Lead creation) to the customers from your corporate email for branding or don’t want to expose the sales or service personal email then

  1. Create a service emailbox in the corporate email service
  2. go to Salesforce Organization-Wide Addresses
  3. Set User Selectable Organization-Wide Email Addresses and get it verified
  4. This email address will then automatically be avaialble for selection in workflow email alert and flow email alert.

This’s it. Customers will get the notification from the defined corporate branded email id

Salesforce: File transfer through Einstein BOT

Currently, there is no file upload functionality in the einstein chatbot – between Bot and a Customer. A file transfer facility is available between Agent and Customer, by transferring chat from Einstein bot to Agent and then Agent can request the customer to transfer file by sending a link to transfer file.

A customer can’t upload a file until you initiate the file transfer by clicking the file transfer icon. This restriction helps prevent customers from uploading unsolicited or potentially dangerous files into the chat.

The is an idea to allow file transfer through Einstein BOT: https://trailblazer.salesforce.com/ideaView?id=0873A0000015BDVQA2

Salesforce OAuth 2.0 Response and Grant Type

Salesforce OAuth 2.0 and Grant Type

response_type is used against authorization endpoint. This parameter define what authorization response must contain in its response. For example, code when using authorization code grant https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=<your_client_id>                                                                                        &redirect_uri=<your_redirect_uri>response_type=code: to request an authorization coderesponse_type=token: to request an access token
The /authorize endpoint is used for the Web Server OAuth Authentication Flow and User-Agent OAuth Authentication Flow. End user interaction is needed to provide username/password and to authorize the client.

grant_type 

grant_type on the other hand is used against token endpoint. It define the grant used to get the token from the Authorization Server. For example, authorization_code is the grant used for authorization code granthttps://login.salesforce.com/services/oauth2/token?grant_type=password&client_id=<your_client_id>                                                                                 &client_secret=<your_client_secret>                                                                                 &username=<your_username>&password=<your_password>
The /token endpoint is used for the Username-Password OAuth Authentication Flow and the OAuth Refresh Token Process.
grant_type=password : used to get access token directly in exchange of username and password Request:grant_type with the value passwordclient_id with the the client’s IDclient_secret with the client’s secretscope with a space-delimited list of requested scope permissions.username with the user’s usernamepassword with the user’s password
Response:token_type with the value Bearerexpires_in with an integer representing the TTL of the access tokenaccess_token a JWT signed with the authorization server’s private keyrefresh_token an encrypted payload that can be used to refresh the access token when it expires.
grant_type=authorization_code : server exchanges the auth code for an access token
It has two Parts1. First go to the Authorization endpoint to get the authorization code2. Part II is to hit the Token end point with the authorization codeRequest:grant_type with the value of authorization_codeclient_id with the client identifierclient_secret with the client secretredirect_uri with the same redirect URI the user was redirect back tocode with the authorization code from the query stringResponse:token_type with the value Bearerexpires_in with an integer representing the TTL of the access tokenaccess_token a JWT signed with the authorization server’s private keyrefresh_token an encrypted payload that can be used to refresh the access token when it expires.
grant_type = refresh_token: Access tokens eventually expire; however some grants respond with a refresh token which enables the client to refresh the access tokenRequest:grant_type with the value refresh_tokenrefresh_token with the refresh tokenclient_id with the the client’s IDclient_secret with the client’s secretscope with a space-delimited list of requested scope permissions. This is optional; if not sent the original scopes will be used, otherwise you can request a reduced set of scopes.Response:token_type with the value Bearer
expires_in with an integer representing the TTL of the access token
access_token a new JWT signed with the authorization server’s private key
refresh_token an encrypted payload that can be used to refresh the access token when it expires

grant_type=client_credentials : applications need a way to get an access token for their own account, outside the context of any specific user. This grant is suitable for machine-to-machine authentication, for example for use in a cron job which is performing maintenance tasks over an API. Not Applicable in Salesforce
grant_type = assertion

grant_type—urn:ietf:params:oauth:grant-type:jwt-bearer

grant_type: urn:ietf:params:oauth:grant-type:saml2-bearer

grant_type=device

Force.com Site Vs Site.com

Salesforce Force.com Site Vs Site.com
A public website and application can be built by Salesforce Force.com Site and Site.com. The website is directly integrated with a Salesforce Org - without requiring users to log in with a credential- hence not requiring any Salesforce license. One can publicly expose any information stored in the company through a branded URL and make the site's pages match the look and feel of any company’s brand. Create a branded, custom Web address, such as http://www.twirltech.in, by registering through a domain name registrar. Create CNAME records to redirect your branded domain and sub-domains to the Salesforce Sites domain without exposing the force.com name in the URL.
the public users could access the Force.com site or Site.com site by Guest User licenses. If Community is enabled, these users also have access to public pages in the communities. Site visitors have access to any information made available on an active public site. For each Guest User license, one can develop one site for your organization.
A public website and application can be built by Salesforce Force.com Site and Site.com. The website is directly integrated with a Salesforce Org - without requiring users to log in with a credential- hence not requiring any Salesforce license. One can publicly expose any information stored in the company through a branded URL and make the site's pages match the look and feel of any company’s brand. Create a branded, custom Web address, such as http://www.twirltech.in, by registering through a domain name registrar. Create CNAME records to redirect your branded domain and sub-domains to the Salesforce Sites domain without exposing the force.com name in the URL.
the public users could access the Force.com site or Site.com site by Guest User licenses. If Community is enabled, these users also have access to public pages in the communities. Site visitors have access to any information made available on an active public site. For each Guest User license, one can develop one site for your organization.
What is Force.com Site

Force.com Site enables developers to build Ux with HTML, CSS, Visualforce. Obviously, someone with experience in those areas can customize and produce a world-class professional website. Force.com site lets the developer build custom pages and Web applications by inheriting Force.com capabilities including analytics, workflow & approvals, and programmable logic.
Force.com Sites is the product if the business requirement is complex, driven programmatic logic using Apex and APIs. Some capabilities of Force.com:
Force.com Sites is the product if the business requirement is complex, driven programmatic logic using Apex and APIs. Some capabilities of Force.com:
·         Public, branded pages that anyone can access.
·         Write programmatic controllers, or extensions to controllers, using Apex code.
·         Create custom login or self-registration pages.
·         Build dynamic web applications, such as a product promotion, registration and management application.
·         Developer/Admin can only assign the permission to read/create on standard objects, but can assign full create-read-updated-delete (CRUD) on custom objects for Guest User profile

Enterprise, Unlimited, and Performance Editions come with 25 Guest User licenses of Force.com Site. Developer Edition comes with one Guest User license. which means 25 Guest Users can be created.

What is Site.com Site
Site.com Site is more template-driven, built using Community Builder or Site.com Studio, no CRM functionality – don’t have access to the Accounts and Contacts objects. Users have access to an unlimited number of custom tabs but are limited to the use of one custom app, which is defined as up to 20 custom objects. Each Site.com the Only user also needs either a Site.com Contributor or Site.com Publisher feature license to access Site.com. 

Community Builder is an intuitive, convenient tool for customizing a community that can have public pages. Community Builder lets a developer/administrator creates a community based on a pre-configured template, and then apply branding, edit pages, update your template, and publish changes all from one user-friendly interface.
Using Community builder, a developer can create public pages that anyone can access or set a home page and set up multilingual support for the community in Site.com Studio, a Web content management system that provides extra configuration options. Site.com Studio is easily accessible from Community Management.

Developer, Enterprise, Unlimited, and Performance Editions each come with unlimited Guest User licenses of Site.com

Force.com Sites VS Site.com Sites

Force.com Sites:

  • Force.com sites supports both authenticated and public websites
  • Included in all Enterprise Edition (or above) and Developer orgs.
  • Support for custom pages using Visualforce, JavaScript, CSS.
  • Developers must be familiar with the above languages.
  • Can access all Force.com objects.

Site.com:

  • Is a provisioned product.
  • Site.com is meant for non-technical administrators as there is no coding necessary.
  • Drag n drop support for CMS.
  • Allows custom coding using HTML, CSS, Javascript.
  • Includes a security model of who can contribute to and publish sites.
  • Chatter supported for contribution of content while chatter is not available on the front end website.
FeatureForce.com SitesCommunity Builder Sites
Visualforce pagesYesNo
Can it have AuthenticationNoYes
Can be Template drivenNoYes
Can host Public pagesYesYes
Out-of-the-box login, logout, self-registration, and error pagesYesYes
Can it have Pixel-perfect designsYesYes
Can impose IP restrictionsYesYes
Can success to data from Salesforce org, Account Contact cases, leads, and opportunitiesYesYes
Can support CMSNoYes
Force.com Sites vs Site.com