The Zuar Web Application Firewall (WAF) can integrate with Salesforce via a Salesforce Canvas App.

Canvas enables you to easily integrate a third-party application in Salesforce.

Canvas Apps and VisualForce Pages

In addition to standard canvas apps, Canvas also lets you expose a canvas app on a Visualforce page. This means you can display a canvas app anywhere you can display a Visualforce page.

The steps below are one time setup on the Salesforce side. These steps require a Salesforce administrator account.

Create a Salesforce Connected App

In the Salesforce UI, click Setup.

Search for "App Manager" and click App Manager.

Click "New Connected App".

Fill out the "New Connected App" form. Not all values are required.

Basic Information

  • Connected App Name: (e.g. "Zuar Rapid Portal")
  • API Name: (requires all lowercase and underscores) (e.g. "zuar_rapid_portal")
  • Contact Email: your Salesforce admin's address

API (Enable OAuth Settings)

  • Check Enable OAuth Settings
  • Callback URL: https://{rapid_portal_url}/keepAlive (e.g. https://analytics.yourcompany.com/keepAlive)
  • Selected OAuth Scopes - Select "Access your basic information (id, profile, email, address, phone)" and click Add
  • Check Require Secret for Web Server Flow

Canvas App Settings

IMPORTANT: Depending on your Tableau environment you will use either the signed or vaulted endpoint for the Canvas App URL below. signed is used for Tableau Server with trusted authentication. vaulted is used for Tableau Server without trusted authentication and Tableau Online (which doesn't have trusted authentication). vaulted will prompt the Tableau user for their Tableau password once. If the user's password changes, the user will be prompted again, once.

  • Check Canvas
  • Canvas App URL: https://{rapid_portal_url}/{signed or vaulted} (e.g. For Tableau Server with trusted authentication use https://analytics.yourcompany.com/signed and for Tableau Online use https://analytics.yourcompany.com/vaulted)
  • Access Method: Signed Request (POST)
  • Locations: Select "Visualforce Page" and click Add

Click Save.

Back on the "Manage Connected Apps" page, click Manage.

Click "Edit Policies".

OAuth Policies

  • Permitted Users - set to "Admin approved users are pre-authorized"

Click Save.

There is a new section named Profiles. Click Manage Profiles.

Check the box next to any profiles you wish to give access to and click Save.

Save the Salesforce Connected App's Consumer Secret

Go back to the App Manager (search "app manager").

Find the newly created Connect App and click View.

In the API (Enable OAuth Settings) section, next to Consumer Secret, click "Click to Reveal".

Save the Connected App's Consumer Secret. This will be needed for configuration on the Zuar Rapid Portal.

Tableau to Salesforce User Mapping

Usernames from Tableau Server/Online must be mapped to information from Salesforce (e.g. username, email).

Tableau Online usernames must be email addresses. Tableau Server usernames can be anything.

Salesforce requires that each username be unique and in the form of an email address. Learn more about Salesforce usernames.

User Mapping Options

  • userName
  • baseName
  • email
  • baseEmail

User Mapping Examples

Tableau Username Salesforce Username Salesforce Email User Mapping Options
user1@company.com user1@company.com user1@company.com userName or email
user1 user1@company.com user1@company.com baseName
user1@company.com user1+production@company.com user1@company.com email
user1 user1+production@company.com user1@company.com baseEmail

Typically using the email user mapping makes the most sense for Tableau Online user mapping and email or baseEmail makes the most sense for Tableau Server user mapping.

Next steps:

  1. Share your newly created Salesforce Connected App's Consumer Secret with Zuar either through your account manager or support.
  2. Share your Tableau to Salesforce user mapping naming convention with Zuar either through your account manager or support.
  3. Zuar will configure your Portal to use the Salesforce Connected App's Consumer Secret and User Mapping.
  4. Test the Salesforce Connected App after Zuar performs step 2 above.