Glean requires authentication to the Salesforce instance in order to fetch relevant Objects (Cases, Knowledge Articles)
Authentication is done via an OAuth flow to authenticate Glean with your Salesforce instance.
Glean will understand which Objects a user has access to and will strictly enforce permissions for users, down to the record level at the time of the query which will ensure that user’s are not able to see results which they do not have access to.
It’s important to note that all data is stored in the customer’s cloud account and no data leaves the customer environment.
Glean will initially capture the following Objects:
Knowledge Base articles
For Tasks glean currently captures only partial permissions. Only the owner of the task(assigned to) and users above the owner in the salesforce role hierarchy will have access to the task on glean search. Additionally users with view all data access will have permission to view all Tasks on glean search.
In addition, Glean allows customers to set up crawling Custom Objects. Let a Glean representative know if you wish to crawl Custom Objects, and follow [External] Salesforce Custom Objects Setup after this setup guide is complete.
Glean does not currently support capturing any native Salesforce object apart from the objects listed.
In order to provide the best experience, over time we will continue to increase the number of Objects that we ingest and provide search functionality for.
Salesforce API Usage
In order to gain access to the relevant objects in the Salesforce instance, Glean uses the
Salesforce API to retrieve data records.
The integration requires a Salesforce administrator (user with System Administrator profile) to set up properly.
Glean recommends creating a permanent Service Account user for the integration. Please use a Service Account to create the token to ensure that Glean does not lose access if the employee who performed the authentication changes roles or leaves the company.
Glean currently has 2 options for configuring Salesforce
The user must be an admin in the Salesforce instance being authenticated, i.e. have the “System Administrator” profile.
We need an admin profile as many objects crucial to understanding the permissioning model are only accessible by admin profile.
The user will require read only access to all of the Objects that the customer would like to have indexed.
The user record should have “knowledge user” checked IF your company uses knowledge.
Profile: API User with minimal perms
To allow API access
API Enabled = true
Required for capturing doc permissions:
View Roles and Role Hierarchy = true
View Setup and Configuration = true
View Data Categories in Setup = true
View All Profiles = true
View all Users = true
View Dashboards in Public Folders = true
View Reports in Public Folders = true
Needed for ranking
View All Activities = true
To limit token capabilities (optional)
Api Only User = true
To crawl FeedItem -- for discussion forums and chatter on other objects
Chatter Internal User = true
View all data = true
To crawl tasks
Access Activities = true
View all data = true
Custom App Settings:
To crawl discussion forums
Community (Standard__Community): Visible
To crawl discussion forums and chatter
Salesforce chatter (standard__Chatter): Visible
For each object: view all + read access to all fields for every object.
Installation instructions are provided in-product.
Depending on which objects admins choose to set up and support, let a Glean representative know if any default objects are omitted from the setup and not intended for crawl (e.g. Discussion/FeedItem or Knowledge).
For any questions or issues with this setup, please reach out to email@example.com.