How to use Facebook, Twitter, Wechat, Microsoft, Yahoo & many more as a Identity Provider for Salesforce with the help of Janrain Auth Provider
Salesforce supports many Auth Provider out of the box, which can be used as Identity provider. Some of the examples – Facebook, Google, Github, Salesforce, OpenId Connect , Linked In and Janrain.
If you are in need to use Wechat , Yahoo or some other social account like Microsoft, don’t get disappointed. Even if they are not available out of the box as Auth Provider in Salesforce , Salesforce has provided magical box Janrain. Janrain supports vast list of social platform which can be used as Identity provider for your Salesforce instance.
How Janrain is different compared to other SSO solutions for Salesforce
Salesforce Interview Questions related to Person Account
231. How much space is taken by each Person Account record ? Ans : As it acts as Account (2kb) and Contact (2kb), total space taken is 4kb.
232. Can we create a field on Person Account directly ? Ans : No. We need to create a field on contact which will appear for Person Account as well. Fields created on Contact appear on Account with extension __pc.
233. Can we select Person Account as parent for Business Account and create Account hierarchy ? Ans: Person Account is used for B2C & Business Account is B2B model in Salesforce. In real life, headquarter or head office of business Account can never be person Account. Therefore we cannot choose Person Account as parent Account for Business Account. It will throw error –Parent Account may not be a person account.
How to create a lookup field in Flow by embedding Lightning Component
Most of us are big fan of Flow but at the same time we miss a lot of obvious features like lookup fields, model dialogues etc. This blog post might bring excitement and motivation to give more attention and love to Flow.
How to use SalesforceDX (SFDX) with Sandbox, Developer and Production Orgs
We have gone through few blog posts about SFDX and its capabilities in past. In this post, I will explain steps on how to use SFDX with developer, Sandbox or Production Org. In short we will discuss how to use SFDX with non Scratch Orgs. We would be using official Salesforce IDE for SFDX, which is VSCode.
Assumption – VSCode extension is already installed in your VSCode.
Create SFDX project in VSCode
Open VScode and press cmd+Shift+p, It will give some option. Select SFDX: Create Project.
I have read many posts and watched video to understand Microservices precisely however I found Martin Fowler’s explanation about Microservices most helpful. This blog post is just the recap & summary of what I understood about Microservices Architecture.
Characteristics of Microservices
Build services in form of Components
Components can be independently replaceable and upgradable
Components can be combination of Libraries and Services
Services can be built in other languages and services can inter communicate
Organized keeping business rules in mind
Traditionally (Monolithic), Services were organized considering technical aspects like different services related to UI, Database, Server etc
Microservices, suggests to group it as per business capabilities like shipping, Order, Catalog etc
Smart end points and dump pipe
In ESB (aka spaghetti box 😉 lol), we tend to add all smartness in ESB itself and endpoint is just a dump where consumer gets preprocessed data
MicroServices on other hand encourages dump pipe (ESB) and smart endpoints
Decentralized Governance or Data Governance
Every Service should be responsible for their own database & persistence
Can’t communicate to other databases directly, it should be via API’s only (These are mostly inspired by Amazon’s 2 Pizza team size)
Every service can have different languages or tools
Continuous Delivery is very important for each services to make sure there is no or minimal down time
Top class monitoring capabilities to perform analysis of degraded performance or downtime
Important to have roll back plan and ability to spin up new server in case of service or service fail
Design for failure
As there could be many microservices, its inevitable that they would fail.
Companies like Netflix, they have a application (chaos monkey) which randomly goes out and fail their microservices deliberately
Its important to perform these kind of exercises to understand how resilient their network and microservices are.
Improve Lightning Component performance using simple 15 rules like Storable Actions, avoiding server trips, Lightning Data Service, Unidirectional data binding, creating component APIs etc
Avoid Server Trips
Most obvious idea to improve Lightning Component Performance is to avoid server trips. Let’s say, you need to know the queue Id to be assigned as owner in Case and also need custom setting information to derive the behavior of Lightning Component. There are two ways to achieve this – Call Apex Controller two times vs return combined results from Apex in single call and process JSON in client side controller of Lightning Component.
2. Use Storable Action
In this approach, Lightning component shows cached result instead of making immediate server trip. Lightning component will make server (Apex) call in background and if cached result is stale, then it would cache and refresh the lightning component. This is very useful for devices which has slow internet connections. If you are Facebook or Google News user, you would be easily relate it. When we open these apps, it shows previous feed and if there are new feeds, it gives us option to refresh view or automatically refresh it. All you have to do is, on client side controller of Lightning component, mark action as storable using this code action.setStorable(). This blog post explains working of storable action in detail. Continue reading “15 ways to improve performance of Lightning Components in Salesforce”
Short & quick note about Salesforce Identity product
Below are important summary about Identity Connect
It comes as add on feature with Salesforce with additional cost
Only works with Active Directory
Its only one way Sync, from Active Directory to Salesforce
We can assign profile, role and permission set to user using Identity Connect
Any changes made manually for mapped field on user record would be overwritten with next sync.
Sync from Active directory to Salesforce can be realtime or scheduled
If the user is deactivated in Active Directory then user record also gets deactivated. Identity Connect internally uses API to deactivate user. Unlike for some other SSO solutions, if user is deactivated in Active directory then they cannot login to Salesforce. However, if they already logged into mobile phone or connected app then they can still access Salesforce. This problem is resolved in Identity Connect.
Identity connect is installed on client network behind the firewall. Identity connect pushes the changes to Salesforce from client’s network.
If we want to use Identity Connect as a SSO and user wants to use Salesforce from outside company network or on mobile phone, then its login page must be accessible on internet. This can be done by installing Identity Connect on De-militarized Zone (DMZ).
Identity connect is used for User provisioning but not for Just in Time (JIT) provisioning.
We can use Identity connect as a SSO. If customer already has SSO implemented then Identity connect can only be used for user provisioning.
One Identity Connect can be used for multiple Salesforce instances however all production or all sandboxes. If you want to use Identity connect for production and Sandbox at same time, then we would need two Identity Connect, one for Sandbox and other for Production.
Identity Connect will work with only one Active Directory but it can have multiple domains in same AD.
Integrated Windows Authentication (IWA) is supported by Identity Connect using Kerberos authentication protocol. Means, if user is already logged into company provided windows system, then login screen would be bypassed and Salesforce login experience would be seem less.
Scheduled sync uses more API’s then realtime schedule. Because, Schedule sync checks for changes in all Salesforce users vs all AD users.
If you are new to Microsoft Azure, you can get free trial access however you might need to provide Credit card details to use few features. You would not get charged because we get $200 worth credit for new Account that can be used in a span of year.
I was not able to use Azure’s Active Directory SSO for Just in Time (JIT) provisioning. Rather, it connects to Salesforce and creates user whenever user is provisioned in Active Directory, just like Identity Connect
Security token is mandatory. In case if you have IP login range then we don’t get Security token. To fix this, we can divide our password to have some value in Security token. As final password anyways is Password + Security Token. Shown in below image
When we assign any user to Enterprise application (in our case its Salesforce), we need to map profile to the user.