This document is intended as an additional reference for allowing S-Docs Jobs or REST API calls to be run as a specified user. If you are looking to automate S-Docs, we strongly recommend you use the newer method involving the S-Docs Jobs Object. Click here for the complete guide to automating S-Docs with S-Docs Jobs.

If you have already automated S-Docs in the past with the REST API method and need to review the details, you can click here for the complete guide to automating S-Docs with the REST API.

Running S-Docs Jobs and REST API calls as any user is simple; getting Salesforce to allow this, however, is a bit more work. This document discusses how you can get Salesforce to allow you to run S-Docs Jobs and REST API calls as another user; please see the above documents for steps on actually running S-Docs as a specified user. This setup uses JWT Bearer assertion flow to run as any user without preauthorization. The steps include adding remote site settings, creating a connected app, and linking the app details to S-Docs via a custom settings entry.

    1. Configure Remote Site Settings. Navigate to Setup > Security Controls > Remote Site Settings
      1. Click New Remote Site. For Remote Site Name, enter whatever you'd like. For Remote Site URL, enter:
        • For production: https://login.salesforce.com
        • For sandbox: https://test.salesforce.com
      2. Click New Remote Site. For Remote Site Name, enter whatever you'd like. For Remote Site URL, enter the URL for your own Salesforce instance (You can copy+paste this from your address bar, e.g. https://na1.salesforce.com or https://cs2.salesforce.com. In the URL, note that the number after na or cs will vary).
    2. Configure Salesforce Connected App
      1. Create Certificate. Go to Setup > Security Controls > Certificate and Key Management
        1. Click "Create Self Signed Certificate." Name it SDocsCert. Click Download Cert, as we will use this later.
      2. Create Connected App. Navigate to SetupBuildCreateApps, Scroll down to Connected Apps, Click New.
        1. Fill in the required fields as such: Connected App Name: Sdocs Connected Apps, API Name: Sdocs_Connected_App, Contact Email: support@sdocs.com
        2. Check API (Enable OAuth Settings), and set Callback URL to:
          • For production: https://login.salesforce.com/services/oauth2/callback
          • For sandbox: https://test.salesforce.com/services/oauth2/callback
        3. Check Use digital signatures, and upload the saved Cert from step 1.
        4. Select the following OAuth scopes and click the Add button: Perform requests on your behalf at any time, Access and manage your data, Access and manage your Chatter data.
        5. Save.
        6. Navigate to Setup > Build > Create > Apps, Click Manage link next to app.
          • Click Edit and then set Permitted Users to Admin approved users are pre-authorized.
          • Set IP restrictions per your corp policy.
          • Set refresh Token is valid until revoked.
          • Save your changes.
          • Under the Profiles section, add All user profiles that will generate documents and save your changes.
      3. Create Custom Setting Entries
        1. Go to Setup > Build > Develop > Custom Settings. Click Manage link next to SDocsSettings entry.
        2. Click New.
          • Enter name: SDocsSettings.
          • iCertificate Name is SDocsCert (from the Create Certificate step).
          • Connected App Consumer Key - copy/paste this from app info (go to Setup > Create > Apps, click on SDocs Connected App Link, and copy the consumer key field).
          • Connected App Login URL:
            • For production: https://login.salesforce.com
            • For sandbox: https://test.salesforce.com
          • ConnectedAppUserName – set this to a default valid username (which is an email address format) that will be used as a backup if the provided username is not found or not valid.
    3.  Configure Process Builder
      1. For the Process Builder that you are going to use with Run As User/Connected Apps you will need to add one additional field. Please refer to the "Using S-Docs Jobs with Process Builder" section in this article.
        1. To add an additional field select Add Row.
        2. Select Field Run As User.
        3. Type = String; Value = Username of the admin to be used as the running user.

Upon completion, you should be able to invoke the call using any username. To verify the process, you can go to:
Setup > Administrations Setup > Monitoring > Apex Jobs.

If you require additional error handling, this should be done within your own code base.

My Self-Signed Certificate is Expiring Soon!

Several months after setting this up, you may get an email from Salesforce informing you that your self-signed certificate expired. If that is the case, you can follow the steps below to renew your certificate. We recommend doing this after hours.

1. Go to Setup > Administer > Security Controls > Certificate and Key Management.
2. Click Delete for SDocsCert.
3. Click Create Self-Signed Certificate.
4. Set Label to SDocsCert.
5. Set Unique Name to SDocsCert.
6. Click Save.
7. Click Download Certificate.
8. Go to Setup > Build > Create > Apps.
9. Scroll down to Connected Apps section.
10. Click Edit next to Sdocs Connected Apps.
11. Scroll down to Use digital signatures.
12. Click Choose File and select the previously downloaded certificate.
13. Click Save.
14. It may take several minutes for the new certificate to take affect.
15. Confirm that everything is working (test SDJobs with Mass Merge).

Troubleshooting

If you performed this setup but your S-Docs Jobs are stuck at 10%, please try the following:

• Navigate to Setup > SDocsSettings > Manage > SDocsSettings, and set ConnectedAppTokenUrl__c to the URL domain seen in your browser's URL bar when you're on the "home" page in Classic.

• Navigate to Setup > Connected Apps > SDocs Connected Apps > Profiles, and verify that the profiles of the following users are both added to the app's permitted profiles list: 1) the user who inserted the job, and 2) the Run As User.