Setup Guide

This guide walks you through the complete setup process to connect your Salesforce org with aprity. Follow the steps in order from start to finish.

Prerequisites

Before you begin, make sure you have:

• A Salesforce org (Production, Sandbox, or Developer Edition)
• System Administrator access
• An activation code provided by aprity (included in your welcome email)

---

Step 1: Install the package

Install the aprity managed package using the installation link provided by aprity (via email or your account manager).

info

During installation, Salesforce will ask you to grant access to third-party websites (api.aprity.ai and cdn.aprity.ai). Click Yes, grant access to proceed.

For detailed installation instructions, see Installing the Managed Package.

---

Step 2: Assign permission set

1. Go to Setup > Permission Sets.
2. Find "Aprity Admin" and click on it.
3. Click Manage Assignments > Add Assignment.
4. Select your user and click Assign.

---

Step 3: Register your organization

1. Open the Aprity app from the App Launcher.
2. The Setup Wizard appears with a pre-registration checklist.
3. Enter the activation code provided by aprity.
4. Click Register.

---

Step 4: Create an External Client App

4.1 Download the certificate

In the aprity Setup Wizard, click "Download Certificate (.crt)" to save the aprity JWT certificate to your computer.

4.2 Create the app

1. In Salesforce Setup, type "External Client App" in Quick Find and open External Client App Manager.
2. Click "New External Client App".
3. Fill in:
   • External Client App Name: Aprity
   • Contact Email: contact@aprity.ai
   • Distribution State: Local
4. Check "Enable OAuth".
5. Set the Callback URL to:

   https://login.salesforce.com/services/oauth2/callback

6. Add the following OAuth Scopes:
   • Manage user data via APIs (api)
   • Perform requests at any time (refresh_token, offline_access)
7. Under Flow Enablement, check "Enable JWT Bearer Flow" and upload the .crt file you downloaded in step 4.1.
8. Click Create.

---

Step 5: Configure OAuth Policies

warning

Required: These settings are mandatory for JWT Bearer authentication. Without them, verification will fail.

1. Return to External Client App Manager and click on "Aprity".
2. Go to the Policies tab, then click Edit.
3. Under OAuth Policies > Plugin Policies, set Permitted Users to "Admin approved users are pre-authorized".
4. Under IP Relaxation, select "Relax IP restrictions".
5. Click Save. When prompted, click OK.
6. Click Manage Profiles and add the profile of the integration user (e.g., "System Administrator").
7. Click Save.

info

Important: The integration user's profile must be added via Manage Profiles. This authorizes the aprity backend to authenticate via JWT Bearer on behalf of this user. Without this step, verification will fail with "user hasn't approved this consumer".

---

Step 6: Copy the Consumer Key

1. In Salesforce Setup, open External Client App Manager.
2. Click on the "Aprity" app.
3. Go to the Settings tab.
4. In the OAuth Settings > App Settings section, click the "Consumer Key and Secret" button.
5. Salesforce will ask you to verify your identity via email -- enter the verification code sent to your email.
6. Copy the Consumer Key value.
7. Return to the aprity app and paste it in the Consumer Key field.

---

Step 7: Configure and verify

1. Enter the Salesforce Username of the integration user (e.g., admin@yourcompany.com). This is the username shown in Setup > Users.
2. The login URL is auto-detected. If auto-detection fails, you will be prompted to enter your My Domain URL manually.
3. Click "Configure & Verify".

tip

Success: When verification succeeds, you will see a green banner with your Salesforce instance URL. All setup steps should show as completed.

You are all set! Navigate to the Configuration tab to start your first metadata analysis. See Running Your First Scan for next steps.