Configure Salesforce.com for AI agent imports

To import AI agents from Salesforce.com, you need to perform several configuration tasks in your Salesforce.com tenant and in Okta.

After you've completed these configurations, follow the steps in Enable AI agent imports for an app.

Create a connected OAuth app

  1. Sign in to your Salesforce.com tenant.
  2. Select App ManagerNew Connected App.
  3. Set the connected app name to Okta AI Agent Import.
  4. Set the API name to Okta_AI_Agent_Import.
  5. Enter a contact email.
  6. Select Enable OAuth Settings.
  7. Set the callback URL to https://localhost.
  8. Select Enable Client Credentials Flow.
  9. Click Save.

Copy the consumer key and consumer secret

  1. In your Salesforce.com tenant, go to App Manager.
  2. Select Manage Consumer Details for the connected app that you created in the previous section.
  3. Enter your authentication credentials.
  4. Copy the Consumer Key and Consumer Secret.

Create a permission set

  1. In your Salesforce.com tenant, go to Permission Sets.
  2. Select New Permission Set.
  3. Set the label to AI Agent Import Permissions.
  4. Set the API name to AI_Agent_Import_Permissions.
  5. In Object Settings, select GenAiPlannerDefinition.
  6. In Object Permissions, select Read.
  7. Assign the permission set to the integration user.
  8. Go to Connected AppsManage Connected Apps and select the app that you created earlier.
  9. Click Edit Policies.
  10. Set Permitted Users to Admin approved users are pre-authorized.
  11. Go to Manage ProfilesPermission Sets.
  12. Add the appropriate profiles or permission sets.

Add a specific tenant URL to the app instance

  1. In the Admin Console, go to ApplicationsApplications.

  2. Select the Salesforce.com app instance.
  3. Go to the General tab.
  4. Click Edit in the App Setting section.
  5. Enter your tenant URL in the Custom Domain field.
  6. Click Save.

Configure your IP restrictions

Ensure that your Salesforce IP restrictions don't conflict with your import configurations in Okta.

  1. In your Salesforce tenant, open the OAuth policy settings for the client app.
  2. Select a Run As (Username) user whose profile has no Login IP Ranges. Or, select a user whose profile has all Login IP Ranges for your Okta cell. See Allow access to Okta IP addresses.

Next step

Enable AI agent imports for an app.