Documentation Index

Fetch the complete documentation index at: https://help.gong.io/llms.txt

Use this file to discover all available pages before exploring further.

Enable signing into Gong via Salesforce

Prev Next

Who can use this: Tech admin

Available on: Any Gong plan

Ideal for: Tech admin

Salesforce requires all connected apps to meet updated security standards. For customers whose team members sign into Gong via Salesforce, this requires installing a Gong managed package in Salesforce. The package registers Gong as an authorized app in your Salesforce organization and contains no code or customizations.

About the package

The following are the package details:

  • Package ID: 0337y000005iObdAAE

  • Namespace: gongeca

  • Version: 0.1

What you need to do

A Salesforce administrator must install the Gong external client app package in your Salesforce organization. This applies to all environments: production, sandbox, and any Salesforce instance regardless of data center.

After the package is installed, Salesforce requires you to complete the Refresh Token IP Allowlist, also known as Trusted IP Ranges, as part of the external client app setup.

After the package is installed, team members who sign into Gong via Salesforce will be prompted to sign in again. This is a one-time step.

Frequently asked questions

Is this package the same for all customers?

Yes. Any customer whose team members sign into Gong via Salesforce must install the package. This applies to all environments: production, sandbox, and any Salesforce instance in any data center.

What does the package contain?

The package contains only the definition of the external client app. It includes no Apex classes, triggers, Lightning Web Components, or Visualforce pages.

What OAuth scopes does the external client app use?

The external client app only requests the scopes required for the sign-in flow:

  • Perform requests at any time (refresh_token, offline_access)

  • Access the identity URL service (id, profile, email, address, phone)

Do team members need to sign in again after installation?

Yes. After the package is installed, team members will be prompted to sign in with Salesforce once. This is a one-time step and will not recur.

What IP ranges need to be allowlisted?

As part of the external client app setup, Salesforce requires completing the Refresh Token IP Allowlist, which is also used as Trusted IP Ranges.

What OAuth flow does the external client app use?

The external client app follows Salesforce's required security policy for external client apps, including Authorization Code with PKCE and token rotation as specified by Salesforce.

Does this change how Gong accesses or syncs data?

No. There are no changes to data access or sync behavior.

Is there a rollback option?

Gong is keeping the legacy connected app in place while the transition is confirmed for all customers. If any issues arise after installation, contact Gong Support.

Did the app go through a security review?

Salesforce does not require external client app package definitions to pass a security review. If your company requires a review, contact Gong Support.