Accessing user data
These projects allow access to Salesforce data from a Qorus Integration Engine(R) application instance. The Qorus application instance communicates directly with Salesforce APIs.
The Qorus Salesforce Access project never receives your data or the permission to access your data.
When the Qore Technologies' cloud API is used for the authorization code flow, only anonymous information about the OAuth2 server used is stored; no customer-identifiable information is logged or stored on Qore Technologies' systems.
When the local server is used for the authorization flow, all data related to access to Salesforce resources is stored on the local Qorus application instance.
Qorus Integration Engine(R) includes functionality (APIs and no-code integration objects) that you can execute in order to read or modify your own data. This can only happen after you provide a token, which requires that you authenticate yourself as a specific Salesforce user and authorize these actions.
Qorus Integration Engine(R) can help you get a token by guiding you through the OAuth flow in the browser. There you must consent to allow the Qorus Salesforce Access project to access data on your behalf. The OAuth consent screen will describe the scope of what is being authorized, e.g., it will name the target API(s) and whether you are authorizing “read only” or “read and write” access.
There is another way to configure Qorus Integration Engine(R) to access Salesforce data without authorizing the Qorus Salesforce Access project: configure a connection to use an OAuth client of your choice.
This application requests maximum scopes to create, read, update, and delete data in your Salesforce instance from automation code and configuration in Qorus Integration Engine(R).
Sharing user data
No user data is shared with Qore Technologies or any other servers.
Storing user data
This project stores credentials in the initiating Qorus Integration Engine(R) application instance to enable access to Salesforce APIs on your behalf. Be aware that authorizing a Qorus Integration Engine(R) instance to access Salesforce data enables access to that data by any user that can access the Qorus Integration Engine(R) instance with appropriate permissions to access the Salesforce REST connection created. Use caution when granting access to sensitive information on an application instance shared with other users.
By default, OAuth tokens are stored against a Qorus connection.
Policies for authors of packages or other applications
Do not use client IDs or client secrets from the Qorus Salesforce Access project in any external package or tool.
The Qorus Salesforce Access project is designed to work only with Qorus Integration Engine(R) and should never be used for any other purpose or in any other context.