The Send2CRM service includes public API endpoints for receiving form submissions and updating visitor data. Form submissions are restricted to mapped forms only, and visitor updates are allowed only for existing Salesforce records.
Public site
Create a Salesforce Site for the Send2CRM public API. In Salesforce, Setup:
Find and click Sites. If you have not previously set up a site, accept the terms of use and click Register My Salesforce Site Domain.
Click New to create a new site.
If the site will only be for Send2CRM use, we recommend the following settings:
Site Label: Send2CRM
Site Name: Send2CRM
Active Site Home Page: Unauthorized
Inactive Site Home Page: None
Site Template: None
Click Save.
Click the Activate button to make sure the Site is Active
If the site will not be used for other purposes we recommend you Edit the Site Visualforce Pages and remove all except Unauthorized. After the site has been created, access this setting from the Site Label link on the Sites page.
Click Public Access Settings, and find the Enabled Apex Class Access section. Click Edit and add access to send2crm.PublicApiService. After the site has been created, access this setting from the Site Label link on the Sites page.
It is also possible to include the Send2CRM endpoints on a site that serves other content, configure as desired. We do recommend a dedicated site if possible, as Salesforce bandwidth and request time limits are applied per-site.
When running via the public API, Send2CRM inherits all permissions of the configured Default Record Owner. Set this to a user that is assigned the send2crm Administrator permission set so that all actions can be performed.
Cross-Origin Resource Sharing (CORS)
By default Salesforce will return HTTP headers that will cause web browsers to disallow AJAX requests. To allow AJAX requests from the website, add it to the Salesforce CORS allowed list. In setup:
Find and click CORS under Security.
Under Allowed Origins List, click New.
Enter the absolute base URL for the website, e.g.
https://example.com
.
Salesforce requires the use of HTTPS for CORS origins.
NEXT: