Skip to content
Contact us
  • There are no suggestions because the search field is empty.

Authorize API Token in Salesforce

Set up secure API access using Named Credentials

This guide explains how to securely connect your Salesforce org to the sanctions.io API using a Named Credential. This setup enables a secure, scalable integration, allowing you to perform searches and retrieve results smoothly.

Topics Covered

Retrieving Your API Token

Adding your API Token to Salesforce Instance

→ Provisioning Permissions

 

Retrieving Your API Token

1. Log in to your sanctions.io portal.

2. In the left-side menu, click on API Settings.
auth-api-token-api-seetings

3. If no tokens are listed, click + Create New Token to generate one. If tokens are already available, you can skip ahead to Step 5.auth-api-token-create-api-token
4. Select Production as the environment, then click Create Token to generate a new one.
auth-api-token-create-api-token-1
5. Copy your API token. You'll use this in a later step.
auth-api-token-create-copy-token

 

Adding your API Token to Salesforce Instance

1. Open Salesforce Setup.
auth-api-token-salesforce-setup

2. Search for 'Named Credentials'.
auth-api-token-named-credentials3. Within Named Credentials, select External Credentials. Then, click on an existing entry.

auth-api-token-external-credentials

❗Note: Label names may vary depending on your organization's setup. If you're unsure, please check with your administrator.

4. Scroll down to the Principals section, where you’ll see an existing Principal listed. Under Actions, select Edit from the dropdown icon.
auth-api-token-principals

5. Click Add in the Authentication Parameters section.
auth-api-token-add-token

6. Enter 'Token' as the Parameter Name and paste your 'API token' as the Value. Then, Save to store the credentials. Your 'API token' is now securely configured!
auth-api-token-name-value-v1

 

Provisioning Permissions

This section explains how to provision the necessary permissions for both standard and custom Salesforce profiles. While standard profiles typically include access to the 'User External Credentials' object by default, custom profiles may not. Since this object stores the sanctions.io API key, you must ensure users with custom profiles are explicitly granted permission.

Standard User Permission Sets

To control access to sanctions.io features in Salesforce, two permission sets are available. Assign each based on the user’s responsibilities and level of access required.

  • sanctions.io Admin
    Grants full access to all sanctions.io features, including the Screening Setup dashboard used to configure Screening Settings and manage Batch Screenings. This permission set should be assigned to administrators or compliance managers responsible for configuring and maintaining the app.

Admins can:

    • Access and modify all screening settings
    • Set the confidence score threshold
    • Enable and configure triggers
    • Select sanctions and watchlists
    • Manage batch screenings
    • Access all screening data and audit logs
  • sanctions.io User
    Grants access to core, day-to-day screening functionality while restricting access to administrative tools and settings. This permission set should be assigned to users who perform regular screenings but do not manage configuration or batch processes.

Users can:

    • Have their newly created records automatically screened via triggers (if configured by the admin)
    • Perform one-click screenings on individual records
    • View and audit screening alert

Users cannot:

    • Access the Screening Setup dashboard
    • Modify screening settings or triggers
    • Manage or run batch screenings

Assigning Permission Sets to Standard Profiles

1. Go to Salesforce Setup → Permission Sets.

2. On the Permission Sets page, look for the permission set you need — sanctions.io Admin for administrators, or sanctions.io User for regular users.
auth-api-token-permission-sets-search

3. On the permission set detail page, click Manage Assignments.auth-api-token-permission-sets-manage

4. Click Add Assignments in the top-right corner.
auth-api-token-permission-sets-assign

5. Select the checkbox next to the user(s) you want to assign the permission set to. Then Next.

auth-api-token-permission-sets-select-users-v1

6. Select the desired expiration options, and click Assign.

auth-api-token-permission-sets-done

7. On the next screen, review the Assignment Summary, then click Done to complete it.

Granting Access to External Credentials to Custom Profiles

By default, Salesforce standard profiles include permission to read the User External Credentials object (this is where the sanctions.io API key is stored). However, if users are assigned to custom profiles, this permission may not be enabled automatically.

Required Step

You must ensure that all users who will be authenticating against the sanctions.io API have Read Access to the User External Credentials object.

You can do this in either of two ways:

  • Using Permission Sets
    1. Go to SetupPermission Sets.
    2. Select an existing Permission Set (or create a new one for sanctions.io users).
    3. Under Object Settings, locate User External Credentials.
    4. Click into the object and enable Read Access (you may also grant Create, Edit, and Delete if needed, but Read is required at minimum).
    5. Assign the Permission Set to the appropriate users.
  • Using User Profiles
    1. Go to SetupProfiles.
    2. Select the relevant custom profile.
    3. Under Object Settings, locate User External Credentials.
    4. Enable Read Access for this object (you may also grant Create, Edit, and Delete if needed, but Read is required at a minimum).

 

We're here to help!

If you have any questions or require further assistance, please don't hesitate to reach out to our support team.

  • Chat: Available directly in the sanctions.io portal or Help Center page

  • Emailhelp@sanctions.io

 

Related Articles

Manage Screening Settings in Salesforce

Configure Screening Fields and Related List

One-Click Screening: Button Setup