By: Dharmesh Patel
We depend on integrations to provide rich functionality to our users who would normally be required to interact with multiple applications. While there are many different types of useful integrations, let’s instead focus on Force.com Canvas integration. Canvas allows external web applications to communicate seamlessly with the Force.com platform. It provides a mechanism to expand your Salesforce capabilities without having to switch between web applications.
A few benefits of using Canvas:
- Since you are surfacing your existing web application inside of Salesforce, you avoid the additional effort of redesigning your application – enabling a much quicker integration.
- Canvas allows you to authenticate your users using OAuth 2.0 or a signed request, eliminating the need for users to authenticate to multiple applications.
- Canvas enables you to control what Salesforce data and functionality users of the hosted application can access.
- Installation and management of the application is handled by the system administrator.
While setting up a Canvas app is a straightforward configuration process in Salesforce, it does require proper planning. Here are few areas to consider:
Q: What security access method can your application support?
A: OAuth vs Signed Request, recommend using Signed Request because it doesn’t require additional coding
Q: Where will you surface your hosted application in Salesforce?
A: Options include Chatter, Sales & Service Consoles, Standard Page Layouts, Mobile Cards, Visualforce Pages, Lighting Components.
Q: What data exchange method should you use?
Q: UI/UX- Horizontal and vertical real estate, responsive design, multiple scrollbars?
A: First, create the UI framework which can help define canvas app width and height.
Q: Which Canvas app entitlements do you recommend?
A: Recommend using Permission Sets, which are easy to deploy.
Lets consider User Session Management (USM) in more detail — specifically, how to keep the Salesforce session and Canvas app session in synch. USM is essential for users to avoid being logged out of Salesforce or the Canvas App, due to inactivity. This causes both user experience (UX) issues. And more importantly, can lead to loss of data. USM issues occur when a user spends a considerable time inside of your Canvas application, while the Salesforce user session they’re using remains idle and times out, due to inactivity. Or you have a valid Canvas App session, but when it tries to communicate with Salesforce, the session is expired, and the user is then redirected to the login page.
To resolve this USM issue, I recommend that the Canvas app track the Salesforce session timeout period when the Canvas app is initiated. This app will then call the Salesforce refreshSignedRequest() method before the Salesforce session timeout is reached. This approach works without disrupting the end user’s session, and doesn’t cause a page reload. Click here for more details (including code samples) on using the refreshSignedRequest() method.
I hope this blog has provided thoughts on Canvas User Session Management. For more information on Force.com Canvas, we highly recommend reading this Canvas Developer Guide.