The need to share data from private databases with end users is a problem common to many businesses. Fortunately for Salesforce.com users, building a web application that securely accesses and interacts with Salesforce.com data is surprisingly simple.
Getting data into Salesforce.com from your company’s website is actually pretty trivial through Salesforce.coms’ web2lead technology. However, sharing data interactively from Salesforce.com with end users can make things more complex. While Salesforce.com customer portals and site.com portals can accomplish these goals, they often come with a high price tag. Fortunately, there are alternatives!
A Custom App That Provides Secure Salesforce.com Data Interaction
One of our clients wanted to customize their Salesforce.com Lead Capture setup. They wanted the ability to present Salesforce.com product data to public users, allow those users to make product selections, and then submit the chosen product orders and the users’ contact information back to Salesforce.com in the form of a lead.
Rather than building a Salesforce.com based portal, or utilizing site.com, we built a web app that securely connects to Salesforce.com for data interaction. The result, which you can see in this video: http://www.youtube.com/watch?v=a9605VVcG_8&feature=youtu.be is a Heroku web app that fulfills the client’s needs without the expense and overkill of a customer portal or sites.com.
How It Works
This application relies on a couple of key technologies: oAuth2 and the force.com rest api. oAuth2 allows secure authentication to Salesforce.com, while the rest api gives us ready access to create, read, update and delete Salesforce.com objects after they’ve been authenticated.
These two technologies are wrapped up in the ruby gem “Databasedotcom” (https://github.com/heroku/databasedotcom) and made even easier to use within a Rails application by the “Databasedotcom-rails” gem. Configuration is by a standard rails yaml file, stored in config/databasedotcom.yml. (I’ve included the code you’ll need and installation instructions in a downloadable attachment at the end of this post.)
A couple of key things to notice:
- The create, and update methods call the coerce_params method. This method is dynamically created as a class method on the dynamically created model for User. This method enforces data type sanity upon the input so that Salesforce.com can save the data.
- When using the databasedotcom-rails it’s important to remember that you do not need to create a corresponding model for the controller. As the controller is instantiated, it dynamically generates a Model object for the SObject your controller is referencing; in this case the sObject of User.
Using these controller methods gives you access to basic CRUD for all Salesforce.com sObjects — including custom objects — in your org. In our case, this was enough to complete the project – We used a Product controller’s index method to display the list of objects, and a lead object to insert the relevant data.
To learn more about this application, and other custom Salesforce.com work we can provide, contact us or email us at firstname.lastname@example.org. You can also click here to schedule a free review of your existing Salesforce.com setup with one of our consultants, which includes advice and suggestions on how Salesforece.com can be optimized to best fit your unique business needs.