cloudflare · maxvp · Feb 6, 2025 · Jan 30, 2025 · Jan 30, 2025 · Feb 6, 2025
@@ -25,5 +25,6 @@ You can integrate the following SaaS applications and cloud environments with Cl
   - [SharePoint](/cloudflare-one/applications/casb/casb-integrations/microsoft-365/sharepoint/)
   - [Outlook](/cloudflare-one/applications/casb/casb-integrations/microsoft-365/outlook/)
 - [Salesforce](/cloudflare-one/applications/casb/casb-integrations/salesforce/)
+- [Salesforce (FedRAMP)](/cloudflare-one/applications/casb/casb-integrations/salesforce-fedramp/)
 - [ServiceNow](/cloudflare-one/applications/casb/casb-integrations/servicenow/)
 - [Slack](/cloudflare-one/applications/casb/casb-integrations/slack/)
@@ -0,0 +1,19 @@
+---
+pcx_content_type: reference
+title: Salesforce (FedRAMP)
+rss: file
+head:
+  - tag: title
+    content: Salesforce (FedRAMP) - CASB
+---
+
+import { Render } from "~/components";
+
+<Render
+	file="casb/salesforce-integration"
+	params={{
+		integrationName: "Salesforce (FedRAMP)",
+		environmentName: "FedRAMP-compliant Salesforce environment",
+		slugifiedName: "salesforce-fedramp",
+	}}
+/>
@@ -10,69 +10,10 @@ head:
 import { Render } from "~/components";
 
 <Render
-  file="casb/integration-description"
-  params={{ one: "Salesforce", two: "Salesforce environment" }}
+	file="casb/salesforce-integration"
+	params={{
+		integrationName: "Salesforce",
+		environmentName: "Salesforce environment",
+		slugifiedName: "salesforce",
+	}}
 />
-
-## Integration prerequisites
-
-- A Salesforce environment (most editions are compatible)
-- Permissions to a Salesforce organization with either:
-
-  - System Administrator permission
-  - Permissions for View Setup and Configuration, Customize Applications, and Modify All Data
-
-## Integration permissions
-
-For the Salesforce integration to function, Cloudflare CASB requires the following Salesforce permissions via a Connected App:
-
-- `Manage user data via APIs (api)`
-- `Manage user data via Web browsers (web)`
-- `Perform requests at any time (refresh_token, offline_access)`
-- `Access unique user identifiers (openid)`
-
-These permissions follow the principle of least privilege to ensure that only the minimum required access is granted. To learn more about each permission, refer to the [Salesforce OAuth Tokens and Scopes documentation](https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_tokens_scopes.htm).
-
-## Security findings
-
-<Render
-  file="casb/security-findings"
-  params={{ one: "Salesforce", two: "salesforce" }}
-/>
-
-### File sharing
-
-Identify uploaded content, files, and attachments that have been shared in a potentially insecure fashion.
-
-| Finding type                                                                        | FindingTypeID                          | Severity |
-| ----------------------------------------------------------------------------------- | -------------------------------------- | -------- |
-| Salesforce: Content Document publicly accessible without a password                 | `4cde56ed-19db-4cdb-a6c6-3aede5e17785` | Critical |
-| Salesforce: Content Document publicly accessible with weak password                 | `68c43ab8-733d-4798-b25f-202f6fcf435f` | High     |
-| Salesforce: Content Document publicly accessible and password protected             | `75194f6b-5a95-48fa-b485-37181d2d19c8` | Medium   |
-| Salesforce: Content Document shared and not viewed in 12+ months (stale permission) | `7125e209-234a-4f10-89d2-1af0601c277f` | Medium   |
-| Salesforce: Content Document larger than 2 GB                                       | `3d21de13-4b9f-483c-921a-44cdef7a58c5` | Medium   |
-
-### Account misconfigurations
-
-Discover account and admin-level settings that have been configured in an insecure way.
-
-| Finding type                                              | FindingTypeID                          | Severity |
-| --------------------------------------------------------- | -------------------------------------- | -------- |
-| Salesforce: Domain without HTTPS                          | `20916e32-442e-4622-9e54-e1f37eb7d79f` | High     |
-| Salesforce: Default Account record access allows edit     | `316f1d9a-447e-432c-add7-7adde67c4f19` | Medium   |
-| Salesforce: Default Case record access allows edit        | `a7c8eb3e-b5be-4bfc-969a-358186bf927a` | Medium   |
-| Salesforce: Default Contact record access allows edit     | `e7be14f0-24d6-4d6c-9e12-ca3f23d34ba9` | Medium   |
-| Salesforce: Default Lead record access allows edit        | `12fde974-45e8-4449-8bf4-dc319370d5ca` | Medium   |
-| Salesforce: Default Opportunity record access allows edit | `2ab78d14-e804-4334-9d46-213d8798dd2a` | Medium   |
-| Salesforce: Organization with active compliance BCC email | `43e5fd20-1cba-4f1d-aa39-90c7ce2e088a` | Low      |
-
-### User access
-
-Flag user access issues, including account misuse and users not following best practices.
-
-| Finding type                                                | FindingTypeID                          | Severity |
-| ----------------------------------------------------------- | -------------------------------------- | -------- |
-| Salesforce: User sending email with different email address | `a2790c4f-03f5-449f-b209-5f4447f417af` | Medium   |
-| Salesforce: Inactive user                                   | `57e44995-c7ad-46fe-9c55-59706e663adf` | Low      |
-| Salesforce: User has never logged in                        | `a0bf74df-c796-4574-ac1c-0f239ea8c9ac` | Low      |
-| Salesforce: User has not logged in for 90+ days             | `8395c824-bc44-4c12-b300-40f2477384d4` | Low      |
@@ -1,12 +1,5 @@
 ---
 inputParameters: integrationName;;integrationAccountType
-
 ---
 
-import { Markdown } from "~/components"
-
-<div class="special-class" markdown="1">
-
 The {props.one} integration detects a variety of data loss prevention, account misconfiguration, and user security risks in an integrated {props.two} that could leave you and your organization vulnerable.
-
-</div>
@@ -0,0 +1,75 @@
+---
+params:
+  - integrationName
+  - environmentName
+  - slugifiedName
+---
+
+import { Render } from "~/components";
+
+<Render
+	file="casb/integration-description"
+	params={{ one: props.integrationName, two: props.environmentName }}
+/>
+
+## Integration prerequisites
+
+- A {props.environmentName} (most editions are compatible)
+- Permissions to a Salesforce organization with either:
+  - System Administrator permission
+  - Permissions for View Setup and Configuration, Customize Applications, and Modify All Data
+
+## Integration permissions
+
+For the {props.integrationName} integration to function, Cloudflare CASB requires the following Salesforce permissions via a Connected App:
+
+- `Manage user data via APIs (api)`
+- `Manage user data via Web browsers (web)`
+- `Perform requests at any time (refresh_token, offline_access)`
+- `Access unique user identifiers (openid)`
+
+These permissions follow the principle of least privilege to ensure that only the minimum required access is granted. To learn more about each permission, refer to the [Salesforce OAuth Tokens and Scopes documentation](https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_tokens_scopes.htm).
+
+## Security findings
+
+<Render
+	file="casb/security-findings"
+	params={{ one: props.integrationName, two: props.slugifiedName }}
+/>
+
+### File sharing
+
+Identify uploaded content, files, and attachments that have been shared in a potentially insecure fashion.
+
+| Finding type                                                                                     | FindingTypeID                          | Severity |
+| ------------------------------------------------------------------------------------------------ | -------------------------------------- | -------- |
+| {props.integrationName}: Content Document publicly accessible without a password                 | `4cde56ed-19db-4cdb-a6c6-3aede5e17785` | Critical |
+| {props.integrationName}: Content Document publicly accessible with weak password                 | `68c43ab8-733d-4798-b25f-202f6fcf435f` | High     |
+| {props.integrationName}: Content Document publicly accessible and password protected             | `75194f6b-5a95-48fa-b485-37181d2d19c8` | Medium   |
+| {props.integrationName}: Content Document shared and not viewed in 12+ months (stale permission) | `7125e209-234a-4f10-89d2-1af0601c277f` | Medium   |
+| {props.integrationName}: Content Document larger than 2 GB                                       | `3d21de13-4b9f-483c-921a-44cdef7a58c5` | Medium   |
+
+### Account misconfigurations
+
+Discover account and admin-level settings that have been configured in an insecure way.
+
+| Finding type                                                           | FindingTypeID                          | Severity |
+| ---------------------------------------------------------------------- | -------------------------------------- | -------- |
+| {props.integrationName}: Domain without HTTPS                          | `20916e32-442e-4622-9e54-e1f37eb7d79f` | High     |
+| {props.integrationName}: Default Account record access allows edit     | `316f1d9a-447e-432c-add7-7adde67c4f19` | Medium   |
+| {props.integrationName}: Default Case record access allows edit        | `a7c8eb3e-b5be-4bfc-969a-358186bf927a` | Medium   |
+| {props.integrationName}: Default Contact record access allows edit     | `e7be14f0-24d6-4d6c-9e12-ca3f23d34ba9` | Medium   |
+| {props.integrationName}: Default Lead record access allows edit        | `12fde974-45e8-4449-8bf4-dc319370d5ca` | Medium   |
+| {props.integrationName}: Default Opportunity record access allows edit | `2ab78d14-e804-4334-9d46-213d8798dd2a` | Medium   |
+| {props.integrationName}: Organization with active compliance BCC email | `43e5fd20-1cba-4f1d-aa39-90c7ce2e088a` | Low      |
+
+### User access
+
+Flag user access issues, including account misuse and users not following best practices.
+
+| Finding type                                                             | FindingTypeID                          | Severity |
+| ------------------------------------------------------------------------ | -------------------------------------- | -------- |
+| {props.integrationName}: User sending email with different email address | `a2790c4f-03f5-449f-b209-5f4447f417af` | Medium   |
+| {props.integrationName}: Inactive user                                   | `57e44995-c7ad-46fe-9c55-59706e663adf` | Low      |
+| {props.integrationName}: User has never logged in                        | `a0bf74df-c796-4574-ac1c-0f239ea8c9ac` | Low      |
+| {props.integrationName}: User has not logged in for 90+ days             | `8395c824-bc44-4c12-b300-40f2477384d4` | Low      |
@@ -2,8 +2,4 @@
 {}
 ---
 
-<div class="special-class" markdown="1">
-
 To access some file findings, you may need to review shared links. For more information, refer to [View shared files](/cloudflare-one/applications/casb/manage-findings/#view-shared-files).
-
-</div>
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,8 +2,4 @@ @@
     {}
     ---
-    <div class="special-class" markdown="1">
     To access some file findings, you may need to review shared links. For more information, refer to [View shared files](/cloudflare-one/applications/casb/manage-findings/#view-shared-files).
-    </div>