Skip to main content

Who is this article for?

Incydr Professional, Enterprise, Horizon, and Gov F2
Incydr Basic, Advanced, and Gov F1

Find your product plan in the Code42 console on the Account menu.

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

Code42 Support

Connect Code42 to Salesforce


Connect Code42 to your Salesforce environment to monitor when reports are downloaded to both corporate and personal endpoints to secure this vital data.

When you add Salesforce as a data connection, Code42 monitors your environment for when a user downloads a report from Salesforce. When this file activity occurs, Code42 then displays that event on dashboards, in alert notifications, and in Forensic Search.

This article explains how to connect Code42 to your Salesforce environment.


  • Code42 connects to your environment using a service account that requires one of your Salesforce user licenses. To free up a Salesforce license, you may need to reassign a user to a profile that uses a different license, or contact Salesforce to increase your license count.
  • Code42 monitoring requires that streaming of these events is enabled in the Salesforce Event Manager for your organization:
    • Login Event
    • Logout Event
    • Report Event
  • Code42 only monitors the users in your environment that:
    • Are in scope according to your selection during authorization (all users, only specific users, or only the users in specific public groups).
    • Have the "Report export" permission. Only users with this permission can generate and export reports from Salesforce data. You can use the Workbench tool to list Salesforce users that have this permission.

Before you begin

Before you authorize the Code42 connection to your Salesforce environment, complete these steps:

  1. Verify that you have the required Salesforce edition and add-on subscription.
  2. Identify the users you want the connection to monitor, and verify these users have the "Report export" permission in Salesforce.
  3. Configure your Salesforce environment:
    • Enable the required event streams
    • Create a custom profile for the Code42 service account
    • Create a new user for the Code42 service account and assign it the new custom profile

Connect Code42 to Salesforce

Step 1: Add the connection in the Code42 console

  1. Sign in to the Code42 console
  2. Select Administration > Integrations > Data Connections.
  3. Click Add data connection.
    The Add data connection panel opens.
    Add Salesforce data connection
  4. From Data connection, select Salesforce under Business tools.
  5. Enter a Display name. This name must be unique.
  6. Read the steps under Complete these steps in Salesforce.
    You must verify that you've completed the required configuration within Salesforce to enable event streams and create a service account for the Code42 connection. You completed this in Before you begin by enabling the event streams and by establishing the custom profile and Code42 user service account.
  7. Select I've completed these steps.
  8. Click Continue.

Step 2: Add users

  1. Select the scope of users in your Salesforce environment to monitor:
    • All: Monitors all users with the "Report export" permission in your Salesforce environment.
    • Specific users: Monitors only the Salesforce users you designate that also have the the "Report export" permission.
      1. Click Upload .CSV file.
      2. Select the scoping CSV file that contains only a list of only those users you want to monitor.
    • Specific groups: Monitors only the users that also have the "Report export" permission in the Salesforce groups you designate.
      1. Click Upload .CSV file.
      2. Select the scoping CSV file that contains a list of only those groups in Salesforce whose users you want to monitor.

    Add Salesforce users

  2. Click Continue.

Step 3: Verify and authorize the connection

  1. Enter the Salesforce My Domain URL that you use to log into your organization in Salesforce. Include the suffix.
    Salesforce creates a custom My Domain for each organization. This My Domain gives your organization a custom URL for logging in and increases security. If you do not know your organization's My Domain, leave this blank. Code42 directs you to Salesforce's standard login page ( to log in and authorize the Code42 connection.
    Add your Salesforce My Domain
  2. When the Salesforce login page opens, enter the credentials of the secure Salesforce API user account you created as a service account for the Code42 connection.
    Enter your custom Salesforce domain, if needed
    If your company uses a custom domain to log in to Salesforce (such as or, click Use Custom Domain in the bottom right corner of the Salesforce login dialog box. You are redirected to the Use Custom Domain page where you can log in using that custom domain.
  3. Review the access and permissions that Code42 is requesting to connect to your Salesforce environment, and then click Allow.
    Salesforce is added as a data connection and Code42 starts to scan your environment to discover users that are in scope and that have the "Report export" permission.
After authorization, Code42 collects usernames as users log into Salesforce
Once the connection is authorized, Code42 detects usernames as your Salesforce users log in to your environment. Code42 matches report export activity to these usernames when it happens and displays information about those events in Forensic Search.

Code42 cannot collect usernames from users who are already logged in to Salesforce when the connection is authorized. Instead, usernames for these users are detected once they log out (either manually themselves or automatically via session timeout settings) and then log back in. For testing purposes or to start collecting usernames immediately, you can force users to log back in to Salesforce by manually removing user sessions.


Issues with the service account user or in your Salesforce environment can cause errors with the Code42 connection. When such issues occur, the Salesforce connection in the Data Connections table is highlighted in red and an error message is displayed at the top of the screen.

When this occurs, click the Salesforce connection in the Data Connections table. The detail panel opens and lists the source of the error so that you can resolve it.

Refer to these articles to troubleshoot specific errors:

  • Was this article helpful?