Salesforce

Overview

LightBeam Spectra users can connect various data sources to the LightBeam application and these data sources will be continuously monitored for PII, PHI data.

Example: Salesforce, Hubspot, ADP, Marketo, etc.

Connecting Salesforce Data Source

1. Login to your LightBeam Instance.

2. Click on DATASOURCES on the Top Navigation Bar.

3. Click on “Add a data source”.

1. Search for “Salesforce”.

1. Click on Salesforce.

1. Fill in the details as shown below and click on Next:

Basic Information

• Data Source Name: This is the unique name given to the data source.

• Description: This is an optional field needed to describe the use of this data source.

• Primary Owner: An email address of who is responsible for this data source and in case of alerts this email ID will get alerts by default.

• Entity Creation: LightBeam Spectra detects and associates attributes based on the context and identifies whose data it is; these are called as entities. Example: Jane Doe is an entity for whom LightBeam Spectra might have detected Name and SSN in a monitored data source.

• Location: The location of the data source is indicated here.

• Purpose: The purpose of why the data is being collected/processed.

• Stage: The stage of the data source. Example: Source, Processing, Archival, etc.

Datasource Configuration

1. Provide the credentials as shown below (If the credentials belongs to a Salesforce sandbox account select the sandbox option) and click on Test Connection.

1. Verify that you get the message “Test Connection Success”.

1. Click on Save.

Now we are ready to browse through onboarded Salesforce datasource dashboard.

Appendix

Steps to Generate Salesforce Data Source Credentials

1. Log in to Salesforce as an Administrator. In the drop-down list of the account (in the upper-right corner), select Setup.

1. In the left-hand pane, go to Apps > App Manager.

1. Click on New Connected App (in the upper right corner).

1. On the New Connected App page, fill in the following required fields under

Basic Information: Connected App Name, API Name, Contact Email.

1. Go to API (Enable OAuth Settings), and select Enable OAuth Settings.

In the Selected OAuth Scopes field, select each of the following options, and click on Add individually:

• Access Connect REST API resources (chatter_api)

• Manage user data via APIs (api)

• Perform requests at any time (refresh_token, offline_access)

Scroll down and tick the checkbox next to Enable Client Credentials Flow.

This will open a pop-up as follows. Click on OK.

1. In the Connected Apps (Apps > App Manager) list, find the App that you just created, and then click Manage.

2. On the Manage page, click the Edit button.

• Under OAuth policies, select All users may self-authorize in the Permitted Users list, and then click the Save button.

1. Return to the Connected Apps (Apps > App Manager) list, find the App you just created, and click on View.

2. Note down the Consumer Key and Consumer Secret under API (Enable OAuth Settings). These will be used for the configuration of Credential in LightBeam's Salesforce integration.

1. Obtain the authorization code by following these steps:

Unix/Linux/MacOS:

1. Copy the Refresh Token Generation Script: Save the script to your local system.

1. Make the Script Executable: chmod +x generate-salesforce-refresh-token.sh

2. Run the Script: Execute the script by running the following command in your terminalbash generate-salesforce-refresh-token.sh

3. Provide Required Information:The script will prompt you for the following information: Instance URL, Consumer Key, Consumer Secret, and Redirect URL.

Retrieve the Refresh Token: The script will generate a Refresh Token. Please save this token as you will need it during the Lightbeam registration process.

Windows:

1. Copy the Refresh Token Generation Script: Save the script to your local system.

1. Run the Script: Right-click on the script and select "Run with PowerShell" from the context menu.

2. Provide Required Information: The script will prompt you for the following information: Instance URL, Consumer Key, Consumer Secret, and Redirect URI.

3. Retrieve the Refresh Token: The script will generate a Refresh Token. Please save this token as you will need it during the Lightbeam registration process.

1. If you encounter an error that reads "REST API is not enabled for this Organization", follow these steps:

• Click on Setup in the top right corner.

• Go to ADMINISTRATION > Manage Users and click on Profiles.

• Click Edit on the specific profile you want to update.

• Scroll down to Administrative Permissions and check the API Enabled checkbox.

• Save your changes.

With these steps completed, you will have all the required configuration parameters like Consumer Key, Consumer Secret, Access Token, and Refresh Token to onboard the Salesforce data source to LightBeam.

About LightBeam

LightBeam automates Privacy, Security, and AI Governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has rapidly gained customers’ trust by pioneering a unique privacy-centric and automation-first approach to security. Unlike siloed solutions, LightBeam ties together sensitive data cataloging, control, and compliance across structured and unstructured data applications providing 360-visibility, redaction, self-service DSRs, and automated ROPA reporting ensuring ultimate protection against ransomware and accidental exposures while meeting data privacy obligations efficiently. LightBeam is on a mission to create a secure privacy-first world helping customers automate compliance against a patchwork of existing and emerging regulations.