🔍 Pre-Installation Checks and Steps

1. Verify that your Salesforce edition is Lightning Enterprise or higher. We do not support the Classic edition.
2. Verify with your CSM that the Salesforce feature is enabled for your account. If you would like to send tests to yourself, they will also need to turn on the 'share with own company' option.
3. Enable your trust center(s) in Whistic by going to each trust center and performing the following steps:
   1. Navigate the Trust Center drop-down menu at the top of the page and select Trust Centers
   2. Select the trust center you would like to modify and click the vertical 3 dot (...) menu to open 'Trust Center Settings'
   3. Scroll down to Integrations
   4. Click the slider for Salesforce to Enable the feature
   5. (Optional) Enter a description for the profile that will be visible in Salesforce.
4. Obtain a Whistic API Key from your Whistic Admin. They can generate this key by performing the following steps:
   • From the dropdown 'Settings', select Integrations (also found under Resources dropdown)

• From Integrations, select Whistic Public API

• Select Generate New Key

📥 Installation Guide (First Time)

• For first-time customers looking to install Salesforce in a particular environment (first time in Sandbox or PROD) please use the Installation Guide.
• Installation Guide - To access the PDF Guide, see the bottom of the article to obtain the attachment!

⬆️ Upgrade Guide (Existing)

• For customers who are looking to upgrade from a previous version, please use the Upgrade Guide
• Upgrade Guide - To access the PDF Guide, see the bottom of the article to obtain the attachment!

⚙️ Basic Setup Steps

It's recommended to test the package in a Sandbox before implementing it in your Production environment.

If the package is already installed in a Sandbox environment, and you are now installing for Production, please delete the API token in Whistic (not the key) in Company SettingsIntegrationsSalesforce before re-installing in Production.

Overview of the steps below:

1. Installation
   1. Use the Installation Guide PDF to follow the link to install Production or Sandbox environments
   2. Choose Install for Admins Only or for All Users
   3. Check the acknowledgment box
   4. Select 'Install'
   5. On the Approve Third-Party Access box, select Yes and Continue
   6. Wait for the installation to complete (This may take a few minutes - Salesforce.com will send an email once the installation is complete)
2. Connected App Settings
   1. Go to "Manage Connected Apps" (SetupAppsConnected Apps Manage Connected Apps)
   2. Select "Whistic Profile App Connection"
   3. Select "Edit Policies"
   4. Within the "Permitted Users Dropdown", select "Admin-approved users are pre-authorized."
   5. Select Save on this menu to close this policies page
   6. Select "Manage Profiles"
   7. Check the "System Administrator" option
   8. Select Save on this menu
3. Permission Sets
   1. Locate "Permission Sets" under "Users"
   2. Add permission sets for the appropriate users
      1. For Full admin and testing access, use both permission sets
   3. Add the "Whistic Admin" permission set to the Salesforce Admin setting up the managed package
   4. Add the "Whistic User" permission set to the users who will be using the integration
   5. Add the "Whistic NDA Bypass" permission set to the users who will be authorized to bypass an NDA where a signed agreement is already in place

5. Connecting Whistic with Salesforce (Only Salesforce Admins can complete this step)
   1. Within "App Launcher" select the "Whistic" app
   2. Go to the "Home" tab within the "Whistic" app
   3. Click the Edit button next to the Default Instance in the Getting Connected component
   4. Paste in your API key (provided by a Whistic admin at your company and click "Save & check Connection"
   5. A green "Success!" message will appear when the connection is established
6. Component Configuration
   1. Navigate to the page you'd like to add the component
      1. The Whistic profile Shares component can be added to the Account, Opportunity, Contact, and Lead record pages
   2. Select "Edit Page" under the settings (gear) icon
   3. Select the "Whistic Profile Shares" component from the "Custom" section of the components list and drag to the desired position on the page
      1. Confirm that you can edit any part of the page first as your company may be using managed package page layouts which cannot be edited
   4. Additional Optional configurations can be set, please reference the Installation Guide PDF for more details

✅ Lead Indicators of a Successful Connection:

1. Profiles are visible and able to be shared
2. Green Success message in Step 4 of the installation instructions above
3. API token for Salesforce visible in Company SettingsIntegrationsSalesforce

Congratulations! Your Whistic profile is now connected to your Salesforce Instance. Feel free to test a profile share to ensure everything is working properly! If you're still having trouble, feel free to reach out to your Whistic contact or support@whistic.com for assistance.

🔄 Simultaneous Connections Setup (For package versions 1.32+)

Users can now connect up to 10 separate Salesforce accounts to a single Whistic Account

Benefits

• For companies with multiple Salesforce instances, now all sales reps across instances can share profiles from one single Whistic Account
• Enable easier testing as a Sandbox and Production account can be connected at the same time and testing can take place in the sandbox without disrupting production
• With the latest version of the integration, you can connect multiple Whistic accounts (API Keys) to a single Salesforce account, and multiple Salesforce accounts (sandbox, production, etc) to a single Whistic account.

How It Works

1. Connect your Salesforce Account to Whistic as you normally would
2. Navigate to Whistic Company Settings Salesforce
3. Locate the Salesforce Account you just connected in the list
4. Click to Edit the Account Name
5. Rename the account to something recognizable
6. Toggle connect on or off for an account to enable/disable connection to Whistic

Best Practice

Make sure to name the connection in Whistic after connecting so that you can tell them apart from each other easily.

🎯 Optional Features

💰 Sales Matrix

Control what profiles users can share via SF Profile group assignments HERE.

📊 Editing Component Columns

Salesforce Admins can remove and reorder columns in the component. Details are provided in the Salesforce Installation Guide PDF (at the bottom of this article).

📈 Reporting

Currently, there are not many pre-built reporting capabilities in our integration. However, the information and options below may help your Salesforce Admin create custom reports.

1. Pre-Built
   1. The pre-built reporting options we provide through the Salesforce package is currently limited to the component itself
2. Records
   1. Profile Share History records are Salesforce records.
   2. Opportunities
      1. We do not populate the Opportunity field on share records, but hope to in the future.
3. Custom
   1. One option for building out your functionality is described below: Have a field on the account called profile share date when a "Profile Share Contact" record is created, and trigger a simple process builder to populate that field on the account with today's date. Then have a formula field on the opportunity that displays the most recent profile share date back to the opportunity. You can set up additional logic and an additional process builder to decide when to update that date on the opportunity but this way you can start to report on accounts with opportunities that have received a profile share. Also, you can then create rules for salespeople that require them to share the profile at a stage in the sales cycle.

🤖 Automatic Trust Center Approval (For package versions 1.33+)

Some recipients require approval before they can view trust centers that have the general approval requirement. This can cause an unnecessary delay in some cases. Auto-approval provides flexibility in eliminating that delay when appropriate by allowing all shares to be automatically approved if they meet your Salesforce customer-customizable criteria. This includes shares not originating from Salesforce.

How Auto-Approval Works

Recipients will be automatically approved to access a trust center (this does not bypass NDA requirements) when they meet the following minimum criteria:

1. The recipient is a Salesforce contact -OR-
2. The recipient is associated with a website in your Salesforce accounts

Important: In both cases, the recipient's email domain must match the associated account website exactly in order to be auto-approved. This helps safeguard content from those who may not be qualified or authorized to access it.

Additional Filtering Options

You can add additional SOQL filters to further limit which contacts auto-approval applies to. Any additional filters will further restrict what contacts qualify for auto-approval beyond the minimum requirements above.

Sample SOQL Filters:

Include By Account Name

• Include contacts from Account 1, Account 2 or Account 3

  • account.name in ('Account 1', 'Account 2', 'Account3')

• Variation (OR case)

  • (account.name = 'Account 1' OR account.name = 'Account 2' OR account.name = 'Account 3')

Exclude By Account Name

• Include ALL contacts unless they are from Account 1, Account 2, or Account 3

  • account.name not in ('Account 1', 'Account 2', 'Account3')

Exclude by Account Domain (Website)

• Include ALL contacts unless they are from Website 1, Website 2, or Website 3

  • account.website not in ('test.com', 'test1.com', 'test3.com')

Mixed Criteria

• Include contacts from Account 1 or Account 2 but only if their title is Manager

  • (account.name = 'Account 1' OR account.name = 'Account 2') AND Title = 'Manager'

Example of Additional Filtering Options

To restrict a particular domain from being auto-approved, here is how you would set up the additional filtering in the SOQL configuration box:

account.website not in ('test.com')

Functionality: Any user who attempts to access a profile from the domain of test.com will be required to have admin approval, not allowing the user to be auto-approved.

Best Practice Recommendation

We recommend leaving admin approval required on for those who attempt to access the trust center who are NOT listed in Salesforce. This allows you to approve or deny those requests once you have reviewed them, ensuring proper oversight of external access requests that don't meet your auto-approval criteria.

🔒 NDA Bypass (For package versions 1.32+)

Certain trust cetners require a Whistic NDA to be signed before viewing. In cases where another NDA already exists, certain Salesforce users can now bypass this requirement permanently (per account) when they share the profile for the first time!

Users must first be given permission as shown below by a Salesforce Whistic Admin.

• The NDA override cannot be removed from Salesforce once in place. This will need to be done manually as Whistic does not currently have a way to remove an NDA override
• The NDA Bypass Reason field cannot be made required.
• Alternatively, the bypass permission set can be applied to individuals, and in bulk, by your Salesforce Admin if desired.

🔐 Trust Center Content Preview

We have a feature for any Salesforce users that would like to know more of the trust center content than just name and description. This view is very different from the Whistic Trust Center view, but may meet your requirements. The steps are described below.

CAUTION: We recommend you be selective with the users that receive this access so your integration is not broken or otherwise negatively affected.

1. Your Salesforce Admin will need to give the Whistic Admin permission set to a user or user group. For example, you could give this to certain trusted sales leaders so they can field any questions their team has. Details were provided to your Salesforce Admin in the original setup guide on the Permission Set slide.
2. These users can then go to Salesforce Apps Whistic Home Security Profiles (Click a name) Get a content overview in the details page. This includes: assessment names and versions, audits and certifications, document file names (no view or download), creator name and date, last modifier name and date, etc.

Home Tab:

Profile Content Details:

📝 Edit Trust Center Share Page

In rare cases you may need to edit the Trust Center Share page. Below is how you can do that. You will likely need to have Salesforce Admin rights to execute the steps below (add fields and values).

1. Log into Salesforce.com Whistic App Account click any.
2. Find the Whistic Profile Share component (box) on the page.
3. Click the down arrow on the left of each share record and then View for details.

4. Now that you are on the Profile Share page, click the Setup gear icon in the top right of your window.
5. Edit object Page Layouts click page layout name view in Salesforce Classic if required.

6. Locate the 2 boxes you will need on this page: Profile Share Layout, Profile Share Details.
7. You can drag and drop fields from the layout box to the details box and then click Save in the layout box. For example, you can grab the NDA Status field and drop it right above the Viewed Date field.
8. After saving, refresh the Profile Share page to confirm that your change was successful.

🖊️ Edit your Trust Center Description in Salesforce

To edit the trust center description listed in Salesforce under Profile Selector, you will need to use the following steps:

1. Log into Whistic and locate the trust center you have chosen to share in Salesforce
2. Open the Settings for the trust center (vertical 3 dot ... menu)
3. When scrolling down, you will come across a field for "Profile Description" after the option to "Enable Salesforce"

4. Enter in the text you wish to be displayed and this will automatically sync with Salesforce
5. After saving, refresh your Salesforce to confirm that your settings have been updated.

📧 CC Sender (For package versions 1.32+)

Sales reps can now CC themselves as they share trust centers. This will add them as a CC in the same email that goes to the customer with the trust center link when a trust center is shared from Salesforce.

Benefits:

• Enables reps to follow up about the Whistic trust center in the same email thread.
• Helps reps confirm that the share email was sent and what the contents are.
• Enables reps to see information about the trust center sent and navigate to Whistic to view the trust center, registration is still required.

🔧 Troubleshooting

Please review the items below for troubleshooting common issues:

🔄 Reset Connection

Before starting, please review all steps to ensure you have proper access to complete the process. This can resolve a number of connection-based errors.

1. Log into Whistic.com Settings Integrations Salesforce
2. Delete the entire row for the connection you'd like to reset.
3. Click on the trash icon next to the one you are trying to delete.
4. Create a new key and plug that into the Whistic App in Salesforce.com (A Salesforce Admin must enter the key in Salesforce).
5. Once that new key has been applied in Salesforce, refresh the Whistic.com Salesforce page and make sure a new connection is shown. If there is a connection shown, the connection reset is complete.
6. If additional troubleshooting is required, your Salesforce Admin could confirm if the new API key was successfully saved to Salesforce here: Salesforce.com (Log In) Setup Quick Find Custom Settings Whistic Settings v2 Select Company API Key.

🔗 Trust Center Sharing

1. Validation
   1. Sometimes certain input restrictions may not be clear through app error messages. We hope to improve this soon.
   2. For example, trust center recipient titles must be less than 50 characters long currently.
   3. The "response status code is 400" may mean an unsupported title (or other) character.
2. 403 or Unexpected Character
   1. These logs likely indicate a bad connection that needs to be completely reset see steps in the PDF guide for more information).
   2. Updating to the latest version of Salesforce will help with any errors due to sharing a trust center to a user with special characters in their name (such as a dash).
3. Server Error
   1. The log below generally means a connection reset is required or recommended (see section above). This rarely happens.
   2. Internal Server Error, Error Message: Unexpected character ('A' (code 65)): expected a valid value (number, String, array, object, 'true', 'false' or 'null') at [line:1, column:13]
4. Mismatch
   1. If you are seeing outdated data in Salesforce compared to Whistic, it's possible the connection is or was bad.
   2. Generally we recommend resetting the connection (instructions above). Then we can review and find the root cause.
5. Testing
   1. Generally, we recommend not sharing profiles with your own company. Instead, create a test account that is not associated with your own company.

🔧 Install / Upgrade

If you experience any issues during setup or upgrades, generally, a step was missed in the instructions provided.

If you get the error below when upgrading your Whistic package, you may need to delete a previously created custom tab so that the package can install the one that is already included in the package (example in Custom Tabs screenshot below).

Error Example:

"Unmanaged custom object tab already exists, package upgrade cannot create another tab."

Custom Tabs:

📦 Versions & Upgrading

(For newer package versions 1.32+) We will now display the current package version that the customer has active directly in the our app! Also, when an upgrade is available, we will provide an upgrade link. However, before upgrading we recommend it be tested first in your Sandbox environment to ensure your unique configuration work properly.

If you are receiving the below Apex class error for the 'SecurityProfileShareController' after upgrading, please reach out to support@whistic.com for assistance.

❓ FAQ

Why is the trust center viewed date wrong?

Viewed Date is reported on a group share level (not individual). So if you share to multiple recipients and one views the trust center, all will have the same viewed date.

Will marking the Profile Access field as Admin Only make it not sharable?

No, not currently. Please turn off the Enable Salesforce toggle instead.

Why does NDA say pending when it's N/A or already signed?

For any shares to companies who have already accepted the NDA, there is a bug where it will say "Pending" instead of "Accepted" until the trust center is viewed. At which point it autocorrects.

Currently there is no NDA status "Not Applicable" for trust center shares that do not require an NDA. So these will show "Pending" or "Accepted" once the profile is viewed depending on the recipient account Whistic share history. The recipient will be able to view the profile without an NDA as expected.

Is Profile Share History synced across all page and record types?

Mostly.

Why don't I see all trust center shares in Salesforce?

Only shares initiated from Salesforce.com will be synced with Whistic.com

Why isn't the contact title updating?

Whistic user information (such as title) are not updated if it changes within Salesforce at a later time. That information is sent over with the first share only and saved.

Why do I see users in Whistic with an "invalid" email address?

It is likely something your Salesforce Admin(s) are doing from their sandbox environment. These emails are not created by Whistic and considered different accounts from non-invalid versions.

Are profiles currently listed randomly in the main share list?

Yes, however, you can make your trust center list more manageable by removing unneeded trust centers, and/or using our share matrix feature HERE.

Is Salesforce Classic supported?

No. Classic is not officially supported even with running the Lightning platform in the background without the UI/display.

Can we have the SFDC Whistic widget on more than one template in SFDC?

Yes, you can have the component / widget on any combination of the 4 valid page types / templates at any time on most apps.

See the end pages in the installation instructions PDF for how to do that.

Can I migrate the integration to a new Salesforce account?

Yes! This should preserve your historical profile share data. However, it may be a little tricky so we recommend setting up a meeting with us to ensure the process is understood. Contact support@whistic.com to schedule a meeting.

• Install the Whistic package into your org.
• Disable Whistic's Remote Site Setting:
  • Setup Remote Site Settings Deactivate Remote Site api.whistic.com (note COM)
    • This allows shares to be blocked as you proceed.
    • These failed shares will be logged in the integration only.
• Migrate your data via the Data Import Wizard:
  • (Optional) Import a small batch to test.
  • Import the Whistic Profile Share Contact Object Records
  • Be sure that the external IDs are included.
  • The record import triggers the profile shares (which cannot be disabled in a managed package directly).
• Confirm previous step is 100% done.
• Confirm no shares succeeded.
• Revert your change in step 2. Done!

What package version do I have?

You (or more likely your Salesforce Admin) can find what version number of our integration that you have below. Currently the highest number is 1.34.1.

Why can't I see all my contacts?

(For package versions 1.32+) There likely are multiple pages of contacts and you just need to use the pagination controls at the bottom to cycle through the different pages.

Why aren't my trust center names updating in Salesforce?

Currently these have be synced manually. Please have your Salesforce Admin reconnect the app as shown below.

Salesforce.com Whistic app Getting connected Edit Check connection (even if blank).

Why is my connection failing?

If you trying to connect your API in Salesforce and failing there can be a couple reasons.

• The initial installation configuration was not done fully or changed later.
• Your org may require a full Salesforce Admin to apply the API key.
• You may want to reset the connection if the issue persists. Instructions found in this guide.
• Generally there will be an associate Salesforce audit log / error detail as well: Error Code 401 Unauthorized.

Why can I see the sharing box but no share button?

This will happen if you have version 1.33+ and your user account does not have any permission sets (role).

Why does my version not show the entire number?

Rarely, we'll need to release longer version numbers such as 1.33.1 instead of 1.33. Currently, we do not show that third digit. However, your Salesforce Admin can always see the full version number on the Installed Packages page.

How do I limit access to my production or test trust centers?

The Share Matrix feature is the best way to control which trust centers are seen by which users. We currently do not have a way to limit control which trust centers go to sandbox, etc.

Why am I getting an update failed error when sharing a trust center?

When your Salesforce Admin is upgrading your package to 1.32+ some accounts may require additional configurations to Share Settings that give trust center senders 'edit' access to accounts or object which they do not own. Error shown below:

Error Message: Update failed. First exception on row 0 with id 0016900002l9e5MAAQ; first error: INSUFFICIENT_ACCESS_OR_READONLY, insufficient access rights on object id: []

Why doesn't my admin have all access?

If your Salesforce Admin is trying to access the API Key Getting Connected configuration, they will need to make sure their profile is the standard "System Administrator" (rather than a custom admin profile). Only these admins can manage the connection in Salesforce.

If your Salesforce Whistic Admin would like all other permissions, they will need all the permission sets to be assigned to them.

Why is my Share Profile button not showing?

Please confirm that the permission set "Whistic User" is applied to view this button.

Why do I see '-public' or '-private' at the end of my profile name?

This is because that trust center has public trust center sharing turned on. When sharing the '-public' trust center, the recipient will receive a snapshot/overview of the trust center but will be required to log into see the details of documents and questionnaires. The '-private' option requires login prior to viewing any trust center content. More information can be found HERE.