CRM Sync Technical Implementation and Security for Salesforce
This document describes the technical implementation and security of Sales Navigator CRM Sync for Salesforce, a capability which imports Salesforce CRM Data into Sales Navigator, and writes back select Sales Navigator activity to the CRM.
Current Features and Benefits
CRM Sync is a capability that enables LinkedIn Sales Solutions to match our People and Companies to the Leads, Contacts, and Accounts within your CRM, enabling a variety of time-saving features:
- Auto-Save – Auto-saving Accounts and Contacts associated with Open Opportunities for the Opportunity Owner, removing the manual step and ensuring those owners always get the latest Alerts on their most important Accounts and Contacts.
- CRM Badges – Enables links to the CRM from the Sales Navigator interface, and visual cues for when contacts are in CRM, not in CRM, or have out-of-date information, allowing for immediate navigation between Sales Navigator and related CRM records.
- Activity Writeback – Offers Sales Navigator admins the ability to enable Activity Writeback. With one click, Sales Navigator users can log InMails, messages, phone calls, notes, and Smart Links views back to CRM. And once enabled per user, it remembers the setting for the next InMail or note. (Can be deactivated by the user.)
- Search Filters – Activates a new search filter that allows you to limit Lead Search results to just those contacts included in your CRM or those that are not in your CRM.
- Contact Information – Displays contact information present in the CRM on Sales Navigator Lead pages, reducing user effort to access this information when working in Sales Navigator.
- Update Leads and Contacts – Allow leads and contacts to be updated directly from Sales Navigator to CRM with just a few clicks.
- ROI Reporting (Opt-In) – Allows your LinkedIn Account representative to generate customized ROI reports that reveal how usage of Sales Navigator has influenced or sourced opportunities found in the CRM.
- Seat Assignment – Allows Sales Navigator administrators to assign seats based on users found in the CRM.
Current Limitations of CRM Sync
- Creation of writeback data in CRM – CRM writeback functionality does not push, update, or create LinkedIn Company data into the CRM, it only pushes the activities users take.
- Single CRM Record Match Limit – LinkedIn Profiles and Accounts can only be linked to a single CRM record, so if you have intentionally duplicated CRM Leads or Contacts, our model will only pick the single best scoring match and all functionality will apply to that one contact.
- Once auto-saves are processed, we will NOT auto-unsave if ownership/other changes occur. That said, we will auto-save Contacts again as they are associated with new Open Opportunities for new owners.
- Activity writeback is now enabled by default for all users. But individual users can decide if they want to enable writeback or would prefer to turn it off.
- CRM Sync is only available to Advanced Plus customers and must be enabled through a LinkedIn account representative.
- CRM Sync is only compatible with the following versions of Salesforce: Enterprise, Unlimited, Developer, Performance, or Professional with API access enabled.
- Both Salesforce Classic and Lightning are supported.
- A Salesforce Administrator account is required when installing the integration.
- Sales Navigator for Salesforce app, installed by a Salesforce Administrator (required for writeback of data to the CRM, latest version recommended to ensure all the newest features are supported).
- A Sales Navigator Administrator account:
- Team member + Admin account is strongly recommended for ease of testing.
- You can connect to a CRM Sandbox environment to initially test CRM Sync with Sales Navigator and/or test new CRM features before releasing to all your users. To know more, visit this help center article.
- An integration user with the permissions as reflected here is required.
The CRM Sync (& Activity Writeback) is a bi-directional data flow that relies on secure, dedicated APIs between Sales Navigator (LinkedIn) and your CRM. Data is encrypted in transit between Salesforce and LinkedIn, relying on TLS over dedicated APIs. OAuth is used for authentication for a single administrator, system integration account, and individual seatholders. This allows customers to retain control of their data at a more granular level and ensure seatholders' CRM permissions are respected.
As a result, LinkedIn does not have access to the member’s CRM credentials, and the administrator can revoke the access token at any time either through Sales Navigator Admin settings or through the service provider’s Salesforce application authorization flow.
Sales Navigator imports/downloads Opportunity, Task, Contact, Account, Account Team and Lead data from the CRM. This data is processed to identify matching people and companies that exist in both LinkedIn and within your CRM. Matches are based on a scoring model that uses a variety of criteria including names, contact information, and geographic information.
A listing of all objects and fields downloaded and used in matching is included in the appendix.
Import and Matching Strategy
Imported data is stored securely within a Linkedin database.
- Matched Records – Matched CRM Accounts and Leads will have the “CRM” badge/link displayed and those that are associated with an open Opportunity are auto-saved in Sales Navigator for the Opportunity Owner.
- CRM Badge – Users will see a “CRM” badge within Sales Navigator for all matched records (CRM Accounts, Contacts, and Leads). Clicking this badge saves users time by taking them immediately to the corresponding CRM record in Salesforce.
- The “CRM Badge” badge is displayed for all Sales Navigator users, even if they do not have permission to view the matching object within the CRM (permissions limit access in CRM).
Unmatched Records – CRM records not matched will not show a CRM badge, but users can manually create matches from within the CRM using the Embedded Profile (Display Widget) integration – matches made in this fashion will be stored and visible to all users on the Sales Navigator contract.
- Incorrect Matches – If incorrect matches are found, then users can manually re-match to the correct Sales Navigator Lead/Account from within the CRM, on an individual basis, using the Embedded Profile (Display Widgets) integration – this match will be stored for all users on the contract. Users may also re-match Accounts from Sales Navigator Account Lists, by clicking on “Rematch Account” and searching for the correct CRM Account.
Match rates for all data are reported in aggregate within the Sales Navigator administrator console.
Frequency of Data Import
Sales Navigator imports data once during the initial configuration as well as on a daily basis, pulling updates/changes/new information every 12 hours. Each time new data is imported, it is processed to add new badges, contact information, auto-save leads/accounts, and update search filters. Sales Navigator admins can verify the last CRM sync by checking the timestamp in Admin Settings in Sales Navigator.
Sales Navigator makes most of its API calls to Salesforce using the Bulk APIs. This allows batching of calls and reduces the total number of total API calls – decreasing the likelihood of hitting CRM API limits.
Once matched auto-saves are processed, Sales Navigator does NOT auto-unsave if ownership/other changes occur. However, Contacts will be auto-saved again as they are associated with new Open Opportunities for new owners.
Sales Navigator will display basic Opportunity fields within Account Lists, including Opportunity Name, Owner, Close Date, and Status. Within an Account List, users will see Opportunity details only for Opportunities owned by themselves or list collaborators on.
If users click into the list for more detail, they can access a panel which displays the above fields for all Opportunities associated to the Account that are either Active or have been Closed in the past year.
Sales Navigator administrators can enable Activity Writeback, allowing users to log InMails, messages, phone calls, and notes back to CRM.
Users are able to writeback select Sales Navigator activities (Notes, InMails, Messages, Notes, Phone Calls) to the matched Account/Contact/Lead records in the CRM.
Writeback primarily works to CRM Leads/Contacts, Accounts Writeback only supports Notes.
Sales Navigator Admins can choose to enable and test Activity Writeback for their sync’d users.
Data Writeback Strategy
InMails and Messages are displayed as “Activities” and Notes are logged within the “Notes and Attachments” section of the Page Layout.
Activities are written back by the individual Sales Navigator end users.
To complete an activity writeback, users are first asked to either locate or create a CRM record.
Frequency of Export
- Activity is written back to the CRM instantly.
How is the imported CRM data used by LinkedIn?
The imported CRM data is used as a convenience to the end user to quickly sync their relevant Accounts and Contacts and power optimal use of our Sales Navigator tools with better alerts, search, and easy centralized access to contact information. In addition, the imported CRM data is used to ensure that actions taken within Sales Navigator are properly and immediately recorded to CRM, so that no information is lost and duplicative actions are not required by Sales Teams.
With your approval, LinkedIn may also use your imported CRM data to analyze and provide you with custom ROI reporting. These reports can help you understand the influence LinkedIn/Sales Navigator has on Opportunities in your pipeline, the value of those Opportunities, and how efficiently your sales professionals are able to close them.
What security protocols/measures does LinkedIn use to protect customer data and where is the data being stored?
In addition, the imported data is secured on production databases with limited audited access and is encrypted at rest, ensuring your private data is never used for anything other than the above mentioned purposes.
What data and customizations are pushed back into my CRM?
The data written back to the CRM is specified in the table in the appendix. Note that no existing data is ever over-written or merged, we only append new information within new activities or notes.
Limited customizations are made to the CRM through the Sales Navigator for Salesforce app, which contains metadata, fields, and record types specific to LinkedIn activities (eg. InMails, Messages).
Am I able to permanently delete any data sent from my CRM to Sales Navigator?
Yes. You may purge all imported CRM data at any time by clicking Disconnect and Continue. Data will be deleted within 30 days of disconnect.
Do I need to enable data writeback to my CRM in order to use the CRM Sync feature?
No. You can enable CRM sync to import CRM data (details above) into Sales Navigator, without turning on activity writeback.
When you are ready to turn on activity writeback, as an admin you’re able to 1) test the feature by writing a “test” note on a Sales Navigator lead and see if the writeback to the CRM works as expected and 2) choose to enable the specific activities you’d like to be written to the CRM.
How does LinkedIn authenticate to my Salesforce instance? How is that communication secured?
For all data integrations, we use OAuth to make the integration process seamless and to ensure a member is always in control of their data. For these integrations, LinkedIn does not have access to the member’s credentials, and the member can revoke the access token at any time either through Sales Navigator Admin settings or through the Salesforce application authorization flow. All our communication between LinkedIn and Salesforce is over TLS.
Did LinkedIn perform any penetration testing?
Yes, we have completed internal penetration testing of the CRM Sync feature and as of date, we are not aware of any issues that would compromise the confidentiality and integrity of the CRM data stored on LinkedIn’s platform.
Has the CRM Sync been certified on the Salesforce AppExchange?
Yes. LinkedIn is a certified Salesforce partner and complies with all required Salesforce policies. CRM Sync is not distributed through the Salesforce AppExchange, but directly uses Salesforce’s API to access and write clients’ Salesforce data.
What admin configuration tools are offered to manage the sync functionality?
LinkedIn offers the ability to control what users have auto-saving and writeback functionality, whether writeback is enabled at all, and then ability to clarify when deals enter your pipeline and what field revenue information is stored in. For more details, please see the Sync enablement guide here.
Can I block the integration user from accessing certain data?
Yes, you can block the integration user from accessing specific data at the record level only by leveraging CRM permissions.
Are Salesforce's Person Accounts supported?
Yes. Learn more here.
|Note||ParentId, Title, OwnerId, IsDeleted||Match CRM Notes to Notes in Sales Navigator|
|Event||OwnerId, Subject, WhoId, Type, IsPrivate, IsGroupEvent, IsRecurrence||Match CRM Events to Events in Sales Navigator |
|Lead||Id, City, Company, |
ConvertedDate, ConvertedOpportunityId, Country, CreatedDate, Email, FirstName,
Industry, IsConverted, IsUnreadByOwner, LastActivityDate, LastName, LastReferencedDate, LastViewedDate, LeadSource, OwnerId, Phone, State, Status, Street, Title, Website, LastModifiedDate
|Match CRM Leads to Leads in Sales Navigator|
|Id, AccountId, CreatedDate, Department, Description, Email, Fax, FirstName, LastActivityDate, LastName, LastModifiedDate, LastReferencedDate, LastViewedDate, LeadSource, MailingStreet, MailingCity, MailingCountry, MailingState, Name, Phone, Title||Match CRM Contacts to Leads in |
|Account||Id, Name, Website, AnnualRevenue, NumberOfEmployees, Phone, Industry, Type, BillingStreet, BillingCity, BillingState, BillingCountry, BillingPostalCode, CreatedDate, LastModifiedDate, OwnerId, Description, Fax,ParentId,ShippingCity, ShippingCountry, ShippingPostalCode, ShippingState, ShippingStreet, LastReferencedDate, LastViewedDate, Rating, TickerSymbol,Ownership||Match CRM Accounts to Accounts in |
|Id, AccountId, Amount, CloseDate, CreatedDate, IsClosed, IsWon, LastActivityDate, LastReferencedDate, LastViewedDate, LeadSource, Name, OwnerId, StageName, Type, LastModifiedDate|| |
Enable auto-save by allowing us to
Enable ROI reporting
|Id, ContactId, IsPrimary, OpportunityId, Role, CreatedDate, LastModifiedDate || |
Join Opportunity and Contact
information for processing
Id, Name, Department, Email, FirstName, LastName, Title, Phone, MobilePhone, IsActive, UserRoleId, CreatedDate, LastModifiedDate
Map CRM Users to Sales Navigator
|Id, Name, ParentRoleId, LastModifiedDate || |
Filter CRM users to specific groups
when selecting users to assign seats
|Account Teams||AccountId, AccountAccessLevel, ContactAccessLevel, CreatedDate, IsDeleted, LastModifiedDate, OpportunityAccessLevel, TeamMemberRole, UserId||Import teams to specific groups in Sales Navigator|
If you use custom fields to store any data points mentioned in this table, you can leverage Custom Field Mapping. Learn more about Custom Field Mapping from this help center article.
(standard task activity)
ActivityDate, OwnerId, WhoId, WhatId,
RecordTypeId, Subject, Status, Description
InMail messages written to
(standard task activity)
OwnerId, WhatId, WhoId, Subject, Status, Description
LinkedIn messages written to 1st
Owner, ParentId, Title, Body
Notes captured against Accounts or
Leads in Sales Navigator
Call (standard object)
RecordTypeId (custom task activity), OwnerId, WhoId, WhatId, Subject, Status, Description
Phone calls initiated via Sales Navigator Mobile App
|Smart Links Presentation Viewed (standard activity type)||actualstart, ownerid, description li_url,location, senton, subject||Smart Links Presentation viewed. The subject line will contain the type of task.|
- LinkedIn maintains ISO 27001 & ISO 27018 Certifications, as well as a SSAE-18 certification, SOC 2 Type I report
- LinkedIn meets the following compliance standards:
- TRUSTe's Privacy Seal
- U.S.-E.U. and U.S.-Swiss Safe Harbor Frameworks
- General Data Protection Regulation (GDPR)
For more information about our security practices, visit https://security.linkedin.com