Security is a number one priority for Canon Connect. Since Canon Connect and Salesforce speak through an integration, we had to take many precautions to ensure the integrity of this security. The following is a breakdown of how we secure your solution.
Canon Connect to Salesforce Authentication
Canon Connect uses the OAuth 2.0 web server flow to integrate with Salesforce. To maintain connections between user sessions, Connect stores the tokens used for authentication and reauthentication and encrypts them. Encryption keys are different for each customer and are stored separately from their data.
Once a refresh token is invalid, users are prompted to reauthenticate with Salesforce via the OAuth web server flow.
Salesforce to Canon Connect Authentication
Canon Connect provides API tokens that are used in Named Credentials within Salesforce so that Salesforce can perform requests on the Canon Connect server.
User Authentication in Canon Connect
Users authenticate with Canon Connect via JWT tokens.
Content Security Policy
To embed Canon Connect in Salesforce, an iframe must be used. Therefore, Canon Connect has strict CSP measures that allow only specific domains to embed and leverage the Canon Connect iframe.
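The following is an added example, not Canon Connect's own code, of how an embedding allowlist like the one described above can be expressed with the CSP `frame-ancestors` directive and checked before deployment. The allowlisted domains and the function names `build_csp` and `may_embed` are assumptions, since the page does not list the permitted domains.

```python
from urllib.parse import urlsplit

# Assumed allowlist (constructed): the page does not name the permitted domains.
ALLOWED_EMBEDDERS = ["https://*.lightning.force.com", "https://*.my.salesforce.com"]

def build_csp(embedders):
    """Build a frame-ancestors policy, refusing sources that would weaken it."""
    for src in embedders:
        parts = urlsplit(src)
        host = parts.hostname or ""
        if parts.scheme != "https" or parts.path not in ("", "/"):
            raise ValueError(f"source must be an https origin: {src!r}")
        # A wildcard is allowed only as the leftmost label of a named domain.
        if host in ("", "*") or "*" in host[1:] or (host[0] == "*" and host[1:2] != "."):
            raise ValueError(f"overly broad host in source: {src!r}")
    return "frame-ancestors " + " ".join(embedders)

def may_embed(csp, ancestor_origin):
    """Approximate the browser's frame-ancestors check for one ancestor origin.

    Simplified: handles https host sources without ports, plus 'none'.
    """
    sources = None
    for directive in csp.split(";"):
        tokens = directive.split()
        if tokens[:1] == ["frame-ancestors"]:
            sources = tokens[1:]
    if sources is None:
        return True  # no directive: CSP places no restriction on framing
    origin = urlsplit(ancestor_origin)
    if origin.scheme != "https" or origin.port not in (None, 443):
        return False
    host = origin.hostname or ""
    for src in sources:
        pattern = urlsplit(src).hostname or ""
        if pattern.startswith("*."):
            if host.endswith(pattern[1:]):  # subdomains only, not the bare domain
                return True
        elif pattern and host == pattern:
            return True
    return False
```

A browser applies this check to every ancestor of the frame, not only the direct parent, so a policy test should call `may_embed` once per origin in the expected embedding chain.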
Role-based access control (RBAC)
Canon Connect maintains an RBAC system that gives users the least privileges needed for their role. Companies (or Organizations) are completely separated in the Canon Connect system so that they may not work on each other's data.
Our site accepts and makes requests over HTTPS only, to ensure all communication is encrypted between source and destination.