> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cora.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Sync Salesforce accounts, contacts, and cases with Cora

> Authorize Cora to access your Salesforce org so it can sync accounts, contacts, opportunities, and cases to power customer insights and workflows.

Connecting Salesforce gives Cora access to your CRM data — accounts, contacts, opportunities, cases, and custom objects — so it can surface customer insights and keep your team informed. Setup takes 5–10 minutes and requires a Salesforce System Administrator.

| Detail           | Value                                         |
| ---------------- | --------------------------------------------- |
| Integration type | OAuth 2.0, Organization-Level                 |
| Setup time       | 5–10 minutes                                  |
| Required role    | Salesforce System Administrator or equivalent |

## Prerequisites

Before you start, make sure you have:

* An active Salesforce account (Sales Cloud, Service Cloud, or similar)
* System Administrator or API Enabled permissions in Salesforce
* Organization administrator access in Cora

<Note>
  You do not need to create a Connected App in Salesforce. The Cora integration is fully managed on Cora's side.
</Note>

## Required permissions

Cora will request the following Salesforce permissions:

* **API Access** (`api`) — Access Salesforce APIs
* **Perform requests at any time** (`refresh_token`, `offline_access`) — Maintain a persistent connection

Cora can only access Salesforce data that the connected user has permission to see. Access is controlled by the Salesforce user's profile, permission sets, and sharing rules.

**Recommended objects:** Accounts, Contacts, Opportunities, Cases, Custom Objects (as needed)

**Best practice:** Create a dedicated Salesforce integration user with a custom profile that grants access only to the objects and fields Cora needs. This gives you granular control over accessible data, a clear audit trail for all API activity, and easier permission management without affecting other users.

## Setup

<Steps>
  <Step title="Approve the Cora Connected App in Salesforce">
    Salesforce requires your org to explicitly approve third-party Connected Apps before they can be authorized. You'll need to create a temporary permission set to allow this.

    1. In Salesforce, go to **Setup** → **Permission Sets**
    2. Click **New** and name it something like "Cora Integration Access"
    3. In the new permission set, click **System Permissions** → **Edit**
    4. Check the box for **Approve Uninstalled Connected Apps** and click **Save**
    5. Click **Manage Assignments** → **Add Assignments**
    6. Select the user who will connect Salesforce to Cora and click **Assign**

    <Warning>
      Without the **Approve Uninstalled Connected Apps** permission, authorization will fail at the point you click **Connect**. Assign this permission before proceeding to the next step.
    </Warning>

    You can safely remove this permission set after the connection is established (see step 6).
  </Step>

  <Step title="Initiate the connection in Cora">
    1. Log into Cora as an **organization administrator**
    2. Navigate to **Settings** → **Organization Settings** → **Integrations**
    3. Locate the **Salesforce** integration card
    4. Click **Connect**
  </Step>

  <Step title="Authenticate with Salesforce">
    1. You will be redirected to the Salesforce login page
    2. Enter your Salesforce credentials
    3. Select the appropriate Salesforce instance (Production or Sandbox)
  </Step>

  <Step title="Grant permissions">
    1. Review the permissions Cora is requesting
    2. Verify the requested scopes align with your security policies
    3. Click **Allow** to grant access
  </Step>

  <Step title="Confirm the connection">
    1. You will be redirected back to Cora
    2. The Salesforce integration card will show **Connected** status
    3. Connection details will display: the admin who connected, the connection date, and the instance (Production or Sandbox)
  </Step>

  <Step title="Clean up (optional)">
    Once the connection is confirmed, remove the temporary permission set you created in step 1. In Salesforce, go to **Setup** → **Permission Sets**, select "Cora Integration Access", and delete it.
  </Step>
</Steps>

## How the sync works

Cora uses **scheduled API polling** to keep your Salesforce data up to date:

* **Standard REST API** — Cora periodically queries Salesforce's standard API to pull the latest data. No CDC, Platform Events, or Apex triggers are involved.
* **Nothing installed in your org** — No packages, triggers, or custom objects are created in your Salesforce instance. All processing happens on Cora's infrastructure.
* **Change detection on Cora's side** — Cora compares current field values against a previous snapshot stored on its infrastructure. All comparison and change detection logic runs on Cora's side.
* **API usage** — Only standard Salesforce API calls are made, counting toward your org's daily API request limit. If API limits become a concern, Cora can adjust the polling frequency.

<Note>
  No packages or custom objects are ever installed in your Salesforce org. All sync logic runs entirely on Cora's infrastructure.
</Note>

## Security

The Cora Salesforce integration uses standard OAuth 2.0 with scoped permissions. All tokens are stored in an encrypted, SOC 2 Type II-certified vault. Cora can only access data that the connected Salesforce user has permission to see.

## Troubleshooting

**Authorization fails when clicking Connect**

The most common cause is the missing **Approve Uninstalled Connected Apps** permission. Follow the steps in "Approve the Cora Connected App in Salesforce" above to create and assign the required permission set, then try connecting again.

**Need help?**

If you run into any issues not covered here, email [support@cora.ai](mailto:support@cora.ai) and we'll help you get connected.
