Connect your Salesforce org
Step-by-step guide to connecting your Salesforce org to AuditForce so it can start tracking changes.
This guide walks you through connecting your org to AuditForce so it can start tracking changes. The whole process takes about 10 minutes.
Before you start
- You need an AuditForce account. If you haven't signed up yet, create your account first.
- You need Salesforce administrator access. You'll be creating a new app in your org's Setup.
Part 1: Create a dedicated app in Salesforce
AuditForce needs a dedicated app in your Salesforce org to connect securely. You'll create it in Setup, then copy two credentials from it.
1. Open Setup in your Salesforce org. Click the gear icon in the top-right corner, then click Setup.
2. Search for External Client Apps.
In the Quick Find box at the top of the left sidebar, type External Client Apps. Click the result.
3. Click New External Client App.
4. Fill in the basic details.
Enter an App Name (for example, AuditForce) and your Contact Email. Click Next.
5. Turn on OAuth settings. Under OAuth Settings, check the box next to "Enable OAuth Settings".
6. Set the Callback URL. Go back to your AuditForce connect page and copy the Callback URL shown there. Paste it exactly into the Callback URL field in Salesforce. It is case-sensitive.
7. Add the required OAuth scopes. Under Selected OAuth Scopes, find and add both of these:
- Manage user data via APIs (api)
- Perform requests at any time (refresh_token, offline_access)
8. Enable the authorization flow. Under Flow Enablement, check "Enable Authorization Code and Credentials Flow".
9. Require PKCE. Under Security, check "Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows".
10. Save and wait. Click Save, then Done. Salesforce takes 2 to 10 minutes to activate the app. You can move on while you wait.
11. Copy your Consumer Key and Consumer Secret. Reopen the app you just created. Click "Manage Consumer Details". Copy the Consumer Key and Consumer Secret. You'll need both in Part 2.
Part 2: Enter your credentials in AuditForce
1. Select your org type. On the AuditForce connect page, select Production or Sandbox depending on which org you're connecting.
2. Paste your Consumer Key.
This is the long alphanumeric string from your Salesforce app. It starts with 3MVG for most production orgs.
3. Paste your Consumer Secret. This is stored encrypted and never shared or logged.
4. Click "Connect Salesforce Org". You'll be redirected to Salesforce to confirm access.
5. Authorize AuditForce. A Salesforce login screen will appear. Sign in (or confirm you're already signed in), then click Allow.
6. You're done. You'll land on your AuditForce dashboard. Click "Run snapshot now" to take your first snapshot and see your org's recent changes.
What happens next
AuditForce checks your org once per day and shows all changes by severity: Critical, High, Medium, and Low. You'll get a daily email when there are changes to review. If a Critical change is detected and you have real-time alerts turned on, you'll get an alert right away without waiting for the daily email.
Required settings checklist
Before clicking Connect, confirm your Salesforce app has all of these:
| Setting | Value |
|---|---|
| Callback URL | Paste from AuditForce connect page exactly |
| OAuth Scopes | Manage user data via APIs + Perform requests at any time |
| Flow Enablement | Enable Authorization Code and Credentials Flow |
| Security | Require PKCE Extension |
Troubleshooting
"Could not connect your Salesforce org. Check your Consumer Key and Secret and try again." Your Consumer Key or Consumer Secret is wrong. Go back to your Salesforce app, click Manage Consumer Details, and re-copy both values. Make sure there are no extra spaces.
"Your session expired. Please start over." You took more than 10 minutes between entering your credentials and completing the Salesforce authorization. Go back to the connect page and start from Part 2. You'll need to paste your credentials again.
Salesforce shows an error about an invalid callback URL. The Callback URL in your Salesforce app does not exactly match the one AuditForce provided. Go back to your Salesforce app's OAuth settings and re-paste the Callback URL. It is case-sensitive.
The app says "Access Denied" after you authorized in Salesforce. You may have clicked Deny instead of Allow on the Salesforce authorization screen. Go back to the connect page and try again.
Your app is not activating or shows an error right after saving. Salesforce takes 2 to 10 minutes to activate a new app. Wait a few minutes, refresh the app page in Salesforce, and try connecting again from Part 2.
Frequently asked questions
Do I need to be a Salesforce system administrator? Yes. You need admin access to create apps in Setup. If you're not an admin, ask your Salesforce admin to create the app and give you the Consumer Key and Consumer Secret.
Does AuditForce need write access to my org? No. AuditForce only reads your org's change history. It cannot make any changes to your data or configuration.
Can I connect a sandbox org? Yes. Select "Sandbox" on the connect page before entering your credentials.
Can I connect more than one org? Not in the current version. AuditForce supports one org per account. Multi-org support is on the roadmap.
What happens if I disconnect my org? AuditForce stops checking your org. Your existing change history stays in AuditForce until you delete your account. You can reconnect at any time.