How To Mass-Activate SCC Salesforce Access For An Org

Office 365 Google


To use SmartCloud Connect Admin panel, special access permissions are required. To request the permissions for your organization contact Invisible Support team by email. Please note that Admin panel access is only granted to Enterprise customers: the Panel provides tools for managing large numbers of users and most of the settings it includes duplicate SmartCloud Connect Customization and Sync settings on Admin level.

This article is an addition to the articles Managing Organizations and Managing Users.

The latest SmartCloud Connect updates provide the possibility to perform bulk authorization of SCC users in Salesforce. Combined with SCC Add-In mass deployment and mass Email access authorization via Exchange Impersonation, it allows to exclude the necessity of any setup actions from the end users. In addition, if this option is used, no authorization prompts will pop up for the end users to refresh an expired access token.

To set up immediate out-of-the-box Salesforce connection for all SCC users in your Org, use the new sub-tab Salesforce Connectivity of SCC Admin panel’s Organizations tab. A prerequisite for this feature is creation of either a service Salesforce account granted full data visibility in the Org or an API only user set up to authorize Salesforce access for multiple end users. Presently, the latter authentication option is unavailable.


Authorization using a service account with granted data visibility

Follow the below instruction to mass-authorize Salesforce access for the end users via the Salesforce Connectivity tab.


The Salesforce account to be used for this feature should be a specially created service-only account, no active SCC user account can be used for that.

1. Create a Salesforce user account in Salesforce with granted data visibility for all Org data (“View all data”) that will be accessed and managed by SCC users in your company. If you intend to mass-authorize SCC end users’ access to a Salesforce Sandbox environment, create a corresponding service user account in this environment.

2. Open SCC Admin panel > Organizations tab > Salesforce Connectivity sub-tab


3. On the sub-tab, toggle the switch button Login using Salesforce Service Account to Enabled

>>> Click to see a screenshot <<<


4. Presently, only the Salesforce OAuth authorization option is available; it implies that the pre-set service Salesforce account’s refresh token will be used to authorize access for a specified group of SCC end users.

5. Next, click Connect to Salesforce (regular Salesforce Org authorization) or Connect to Salesforce Sandbox (Salesforce Sandbox environment authorization) to proceed

>>> Click to see a screenshot <<<


6. Log in to the pre-set service account via a standard Salesforce OAuth window that will be opened in your browser

>>> Click to see a screenshot <<<


7. If authorization was successful, you will see Salesforce connection status: Salesforce connection established successfully and the service account’s user ID

>>> Click to see a screenshot <<<


Re-establishing connection after refresh token expiration


Users’ sync status/Salesforce connection can also be monitored via the Users sub-tab of Admin panel’s Organizations tab. Specifically, the users whose synchronization is suspended are marked with red color; if clicking on such user brings up a notification “invalid_grant: expired access/refresh token”, that means the user’s access token requires refreshing.


To get a new refresh token and re-establish Salesforce connection:

1. Open the Salesforce Connectivity tab of SCC Admin panel

2. Click Yes in the “Saleforce connectivity was lost …” dialog

>>> Click to see a screenshot <<<


3. Log in to the pre-set service account afresh via a standard Salesforce OAuth window that will be opened in your browser

Now SCC users’ Salesforce connection will be recovered.