CRM Embedded Profiles and Embedded Experiences (Widget)
Technical and Security Documentation for Salesforce and Microsoft Dynamics
This document describes the technical implementation and security for Sales Navigator’s Embedded Profiles and Embedded Experiences (aka “Widget”) with Salesforce and Microsoft Dynamics.
Salesforce
Microsoft Dynamics
Technical Requirements
- A CRM org instance of either Salesforce or Microsoft Dynamics:
- Salesforce – Professional with API Access and Chatter enabled, Enterprise, Unlimited, Developer, or Performance edition.
- Microsoft Dynamics – 365 or Dynamics CRM 2016 (online only).
- The Sales Navigator for Salesforce or Sales Navigator for Microsoft Dynamics apps, installed by a CRM Administrator.
- A pre-existing Sales Navigator Advanced or Advanced Plus edition account to authenticate to the plug-in (per user).
- A JavaScript enabled browser.
- Authentication via Linkedin.com or SSO (if configured)
Technical Overview for Embedded Profiles and Embedded Experiences
The following is a technical overview for how LinkedIn’s integration works for both Salesforce and Microsoft Dynamics.
- To enable and configure Embedded Profiles and Embedded Experiences, a CRM admin must first install the Sales Navigator for Salesforce or Sales Navigator for Microsoft Dynamics app package.
- On Salesforce, after enabling Embedded Experiences, the LinkedIn Sales Navigator Standard User permission set must be assigned to any non-system admin that you want to provide access to Embedded Profiles or Embedded Experiences (Advanced Plus Only). This is an additional compliance step that is required by Salesforce. For more information on assigning permission sets, see this help center article.
- Our JavaScript plug-in widgets can be embedded within the CRM object pages (lead, contact, account, and opportunity).
- To make a “match” between a CRM record and a LinkedIn entity, object parameters are passed securely to LinkedIn via SSL:
- For company profile cards: company name, industry, location, and website.
- For member profile cards: first name, last name, company name, title, and email.
- If a CRM record has been manually matched (corrected or selected from a shown list of potential options) to a LinkedIn member or company profile, LinkedIn stores that mapping of LinkedIn memberID and CRM RecordID.
- Mappings can also be stored if CRM Sync is enabled. (Click to learn more about CRM Sync.)
- To show best results, manual override matches will be used first, then CRM Sync matches (if enabled). If neither of those is available, then parameters described above will be sent to find next best available match(s).
- The CRM apps will also use the LinkedIn member profile associated with an individual user to provide that user with personalized information, such as their connection to potential leads and contacts.
- No CRM credentials or record data are stored.
Note: Sales Navigator CRM apps display a variety of LinkedIn data within a user’s instance of the CRM. The data is not stored in the user’s CRM record nor will it update the CRM record automatically.
Guidelines for signing in
- When signing in to the widget, you are prompted to use your Linkedin.com credentials.
- If SSO is enabled, you will need to click into the Embedded Profile to authenticate and enable the connection. Then a pop up is initiated for your SSO login.
Note: The User Authentication Token may be revoked as a part of your authentication protocols from your Identity Provider. This may require users to re-authenticate with the CRM Embedded Profile.
Data Flow Diagram
Security Overview
We have designed the Sales Navigator CRM apps to be secure.
- Utilizes existing LinkedIn.com or SSO authentication (if configured).
- All parameters are passed securely via SSL.
- Built using LinkedIn’s Connect framework.
- Framework supports HTTPS.
- When framework is loaded, document that loads the framework is scanned to locate LinkedIn’s tags for delivering custom content.
- No CRM credentials or record data are stored by LinkedIn, only a mapping of LinkedIn member or company ID to CRM Record ID. This allows efficient lookup of the right LinkedIn member or company on load of the CRM record page.
- Some basic details about the site (web headers, page views, etc) are retained in loading process to help LinkedIn understand usage patterns, plan capacity, and to ensure a seamless user experience.
Certifications and Compliance Standards
- LinkedIn maintains ISO 27001 & ISO 27018 Certifications, as well as a SSAE-18 certification, SOC 2 Type I report
- LinkedIn meets the following compliance standards:
- TRUSTe's Privacy Seal
- U.S.-E.U. and U.S.-Swiss Safe Harbor Frameworks
- General Data Protection Regulation (GDPR)
To view our Privacy Policy, visit https://www.linkedin.com/legal/privacy-policy
For more information about our security practices, visit https://security.linkedin.com