https://github.com/simpsonresearch/salesforce-flow-continue
- Host: GitHub
- URL: https://github.com/simpsonresearch/salesforce-flow-continue
- Owner: simpsonresearch
- Created: 2025-08-12T14:57:09.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2025-08-12T15:37:09.000Z (5 months ago)
- Last Synced: 2025-08-12T17:07:51.443Z (5 months ago)
- Size: 8.79 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
# Salesforce Flow Continuation Architecture
Secure flow resumption system allowing users to continue multi-step Salesforce flows via email verification with JWT tokens.
## Process Flow
### **Flow A: New User**
1. User enters name/email on Screen 1
2. Check if a Lead with the provided email already exists
3. If the lead doesn't exist, create a lead, then continue to the next screen.
### **Flow B: Returning User**
1. User enters name/email on Screen 1
2. If the lead exists, show a "Continue previous application?" popup and button
3. If the user clicks the "Continue" button, send a POST API request to `/continue-flow?email="user@email.com"`
4. In the API backend:
   - Generate a secure JWT token (1hr expiry)
   - Send the email via Microsoft Graph API
5. The user clicks the email link containing the JWT token and is taken to that link in the browser
6. Check if the `token` param exists in the URL. If it does, execute the following steps:
   - Grab the token from the URL params, then send a POST API request to `/validate-token?token="..."`
   - If the token is valid, fetch the lead using the email and resume the flow from the saved step (stored in the lead object)
## Security Features
🔒 **JWT Token Security**
- Secret stored securely in Azure (not exposed to Salesforce)
- 1-hour expiration
- Email verification required
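
The token handling behind `/continue-flow` and `/validate-token` in Flow B, with the 1-hour expiry listed above, could look like the following. This is an added example, not code from the repository: the function names, the claim names (`sub`, `purpose`, `jti`) and the choice of HS256 are assumptions, and the secret is assumed to be fetched from Azure Key Vault by the caller.

```javascript
// Added example (not the project's code): HS256 JWT issue/validate, Node built-ins only.
const { createHmac, timingSafeEqual, randomUUID } = require('node:crypto');

const TTL_SECONDS = 3600; // the README's 1-hour expiry
const b64url = (s) => Buffer.from(s).toString('base64url');
const hmac = (data, secret) => createHmac('sha256', secret).update(data).digest();
const nowSec = () => Math.floor(Date.now() / 1000);

// Claim names (sub, purpose, jti) are assumptions; the README does not list them.
function issueToken(email, secret, now = nowSec()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({
    sub: email.trim().toLowerCase(),
    purpose: 'continue-flow', // stops reuse of tokens minted for other features
    iat: now,
    exp: now + TTL_SECONDS,
    jti: randomUUID(),        // unique id, usable for a server-side single-use check
  }));
  const signingInput = `${header}.${payload}`;
  return `${signingInput}.${b64url(hmac(signingInput, secret))}`;
}

// Returns { ok: true, email } or { ok: false, reason }.
function validateToken(token, secret, now = nowSec()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [header, payload, sig] = parts;
  // Check the signature first, in constant time, before parsing any claim.
  const expected = hmac(`${header}.${payload}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad-signature' };
  }
  let h, claims;
  try {
    h = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  if (h?.alg !== 'HS256') return { ok: false, reason: 'bad-alg' }; // pin the algorithm
  if (claims?.purpose !== 'continue-flow') return { ok: false, reason: 'wrong-purpose' };
  if (typeof claims.exp !== 'number' || now >= claims.exp) return { ok: false, reason: 'expired' };
  // The email comes from the signed claim, never from a separate request parameter.
  return { ok: true, email: claims.sub };
}
```

The lead lookup on resume should use the `email` returned by `validateToken`, so the identity that was verified by email is the one whose saved step is loaded.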
## Tech Stack
- **Salesforce**: Flow + Apex HTTP callouts
- **Azure**: Express API + Microsoft Graph (email)
- **Security**: JWT tokens + Azure Key Vault