Simplify Data Security with EncryptSymmetric Function in Salesforce Marketing Cloud

Simplify Data Security with EncryptSymmetric Function in Salesforce Marketing Cloud
Home Page

Simplify Data Security with EncryptSymmetric Function in Salesforce Marketing Cloud

Problem Statement: Sharing and Storing Client ID and Secret for Salesforce REST API Calls

The challenge at hand is to design a secure and efficient system for sharing and storing client IDs and secrets used to authenticate Salesforce REST API calls. Salesforce REST API is a critical component of our organization's integration strategy, allowing us to interact with Salesforce data and services. The client ID and secret serve as crucial credentials that grant access to the Salesforce API on behalf of our applications.

Issues with the Current Approach

  1. Security Concerns: The existing approach may not offer sufficient security measures, potentially exposing the client ID and secret to unauthorized access or malicious actors. A breach of these credentials could lead to unauthorized data access, manipulation, or leakage of sensitive information.
  2. Centralized Dependency: The current method may rely on a centralized storage system for client IDs and secrets, creating a single point of failure. If this storage system becomes compromised, it jeopardizes the security of all integrated applications relying on it.
  3. Scalability and Flexibility: As the organization grows, the current approach might not easily scale to accommodate additional applications or third-party integrations. It may lack the flexibility to manage access at a granular level, leading to potential issues with access control.
  4. Developer Experience: The process of obtaining and managing client IDs and secrets could be cumbersome for developers, affecting their productivity and efficiency. This may hinder the adoption of Salesforce REST API for new projects.

Requirements for the Proposed Solution

  • Enhanced Security: Implement robust security measures to safeguard client IDs and secrets, including encryption at rest and in transit. Ensure that only authorized applications and users can access the credentials.
  • Decentralization: Avoid a single point of failure by moving away from a centralized storage approach. Instead, explore decentralized options to distribute and manage client IDs and secrets securely.
  • Scalability and Flexibility: Design the solution to be scalable and adaptable, accommodating new applications and third-party integrations seamlessly. Allow for fine-grained access control to manage permissions effectively.
  • Developer-Friendly: Simplify the process of obtaining and managing client IDs and secrets for developers. This could involve automation, clear documentation, and easy-to-use interfaces.
  • Audit and Monitoring: Incorporate mechanisms to monitor access to client IDs and secrets, enabling comprehensive audit trails and alerting for suspicious activities.
  • Compliance and Governance: Ensure that the solution complies with relevant industry standards and regulations regarding data protection and access control.

By addressing these requirements, we aim to establish a secure and streamlined approach for sharing and storing client IDs and secrets, enhancing the overall reliability and effectiveness of our Salesforce REST API integration strategy.

Next Steps

  1. Solution Design: Develop a detailed plan and architecture for the proposed solution. This would include identifying the specific technologies, tools, and methodologies to be used. Consider the implementation of security features, decentralized storage options, and scalability aspects.
  2. Implementation: Start building the solution based on the design. Divide the development process into smaller tasks and allocate them to appropriate team members. Implement security measures, decentralized storage mechanisms, and developer-friendly interfaces.
  3. Testing: Conduct comprehensive testing of the solution to ensure its functionality, security, and performance. Perform unit tests, integration tests, and security assessments to identify and fix any issues.
  4. Documentation: Create thorough documentation for the entire system, including how to use the client IDs and secrets, security guidelines, and developer instructions. This documentation will be valuable for onboarding new team members and future reference.
  5. Deployment: Deploy the solution in a controlled environment. Gradually roll out the new system to a subset of users or applications to monitor its performance and gather feedback.
  6. Feedback and Iteration: Gather feedback from users, developers, and stakeholders about the implemented solution. Use this feedback to make improvements and iterate on the system if necessary.
  7. Training and Education: Provide training sessions for developers and other relevant teams to ensure they understand how to use the new system correctly and securely.
  8. Monitoring and Maintenance: Set up monitoring and logging mechanisms to track the usage of client IDs and secrets and detect any potential security breaches. Continuously monitor the system's performance and security. Perform regular maintenance and updates as needed.
  9. Security Review and Compliance: Conduct a thorough security review to ensure that the solution meets all security requirements and adheres to industry best practices. Verify compliance with relevant regulations and standards.
  10. Rollout and Full Deployment: Once the solution has been thoroughly tested and deemed ready, roll it out to all relevant applications and users. Monitor its performance closely during the initial stages of full deployment.
  11. Communication: Keep all stakeholders informed about the progress of the project and the deployment of the new system. Address any concerns and ensure everyone is aware of the changes and their benefits.
  12. Contingency Planning: Develop contingency plans for potential security breaches or system failures. Have a recovery strategy in place to minimize downtime and data loss if such events occur.
  13. Continuous Improvement: Continue to collect feedback and monitor the system's performance even after full deployment. Use this information to make continuous improvements to the solution and adapt to changing requirements.

Solution Design: SMFC App with Cloud Page for Encrypting Client ID/Secret

To address the challenge of securely sharing and storing client IDs and secrets for authenticating Salesforce REST API calls, we propose the following solution:

1. Create SMFC AppExchange

Develop a SFMC AppExchange that encapsulates the encryption and data storage functionality. The app will provide a seamless and standardized way for other Salesforce applications to interact securely with the client ID and secret.

2. Cloud Page for Encryption

Create a cloud-based HTML page within the SMFC app that hosts an encryption form. This page will allow users to input their client ID and secret through a secure HTML form.

Upon submitting the form, the client ID and secret will be encrypted using a strong encryption algorithm before being transmitted to the server. This ensures that the credentials are protected during transit.

3. Data Extension for Cipher Text Storage

Set up a data extension in SFMC to store the encrypted client IDs and secrets. When the form is submitted and the ciphertext is received on the server, it will be stored in this data extension.

The data extension should have appropriate security settings to restrict access only to authorized users and applications.

4. Key Management for Password, Salt, and Initialization Vector

Utilize Salesforce Key Management to securely store the encryption password, salt, and initialization vector (IV). These cryptographic components are essential for decrypting the ciphertext back to its original form.

By storing these components in Salesforce Key Management, we ensure that they are protected from unauthorized access and are managed in a secure and centralized manner.

5. Encryption Process

When a user submits the form on the cloud page, the SMFC app's backend will handle the encryption process using the stored password, salt, and IV. The ciphertext will then be stored in the designated data extension.


UpsertData('CipherTextForInstallPackage',1,
                        'AppName','SaseeApp',
                        'ClientID',@encryptClientID,
                        'ClientSecret',@encryptClientSecret,
                        'UpdatedDate',Now())

6. Access Control and Monitoring

The SMFC app should implement robust access controls to ensure that only authorized users and applications can interact with the encryption cloud page and access the stored credentials.

Additionally, we will incorporate monitoring mechanisms to track access to the cloud page, data extension, and Key Management to detect any suspicious activities and potential security breaches.


<script runat='server'>
  Platform.Load('core', '1');
  try {
    var referer = Platform.Request.ReferrerURL;
    var method=Platform.Request.Method;
    Variable.SetValue("@method", method);
    var regex = /^(https:\/\/(.*\.)?((mc.s50.exacttarget)\.com))(§|\/)/g;
    var match = referer.match(regex);
    var origin = (match.length > 0) ? match[1] : null;
    if (origin != null) {
      HTTPHeader.SetValue('Access-Control-Allow-Methods', 'POST');
      HTTPHeader.SetValue('Access-Control-Allow-Origin', origin);
      Platform.Response.SetResponseHeader('Strict-Transport-Security', 'max-age=200');
      Platform.Response.SetResponseHeader('X-XSS-Protection', '1; mode=block');
      Platform.Response.SetResponseHeader('X-Frame-Options', 'Deny');
      Platform.Response.SetResponseHeader('X-Content-Type-Options', 'nosniff');
      Platform.Response.SetResponseHeader('Referrer-Policy', 'strict-origin-when-cross-origin');
      Platform.Response.SetResponseHeader('Content-Security-Policy', "default-src 'self'");
    }
    else {
      throw "Not Authorised";
    }
  }
  catch (error) {
    Write(Stringify({
      status: "Error", message: error }
                   ));
  }
</script>
              

 var HTTPPropertiesDE = DataExtension.Init("HTTPProperties");
    HTTPPropertiesDE.Rows.Add({
      Browser: Platform.Request.Browser,
      ClientIP: Platform.Request.ClientIP,
      HasSSL: Platform.Request.HasSSL,
      IsSSL: Platform.Request.IsSSL,
      Method: Platform.Request.Method,
      QueryString: Platform.Request.QueryString,
      ReferrerURL: Platform.Request.ReferrerURL,
      RequestURL: Platform.Request.RequestURL,
      UserAgent: Platform.Request.UserAgent
    }

7. Compliance and Documentation

Ensure that the solution complies with relevant industry standards and data protection regulations. Document the entire process, including the encryption algorithm used, access controls, and key management procedures.

With this solution, we aim to provide a secure and standardized method for sharing and storing client IDs and secrets, enhancing the overall security and reliability of our Salesforce REST API integration.

8. Points to Remember

What is the difference between SALT and Initialization Vector used in Symmetric encryption

SALT and Initialization Vector (IV) are both used in symmetric encryption to enhance security and prevent certain types of attacks, but they serve different purposes.

1. SALT:

  • SALT is primarily used in password-based key derivation functions (KDFs) and password hashing algorithms, not directly in symmetric encryption itself.
  • Its purpose is to add randomness and uniqueness to a password before generating an encryption key or hashing it.
  • The salt value is a random or pseudo-random sequence of bits that is combined with the password input before the key or hash is generated.
  • The same plaintext, when encrypted with the same key, should produce different ciphertexts if a unique salt is used each time.
  • The main advantage of using salt is that it prevents attackers from using precomputed tables (rainbow tables) to crack passwords efficiently, as each salt value makes the hash or key derivation unique.

2. Initialization Vector (IV):

  • The Initialization Vector, on the other hand, is specifically used in symmetric encryption algorithms as an additional input to the encryption process.
  • Its purpose is to introduce randomness into the encryption process and avoid repetitive patterns in the ciphertext.
  • The IV is combined with the encryption key to produce the actual encryption key used for the encryption of the data.
  • When encrypting multiple blocks of data, using the same key without an IV could result in identical blocks of ciphertext for identical plaintext blocks, which can be exploited by attackers.
  • By using a unique IV for each encryption operation, even if the same plaintext is encrypted multiple times, the resulting ciphertext will be different.

In summary, SALT is used in password-based key derivation and hashing to make password cracking more difficult, while the Initialization Vector is used in symmetric encryption to introduce randomness and avoid repetitive patterns in the ciphertext. Both are essential for different purposes to enhance the overall security of cryptographic operations.

Note: If a checkbox is unchecked when its form is submitted, neither the name nor the value is submitted to the server. There is no HTML-only method of representing a checkbox's unchecked state (e.g. value=unchecked). If you wanted to submit a default value for the checkbox when it is unchecked, you could include JavaScript to create a <input type="hidden"> within the form with a value indicating an unchecked state.

Note: Checkboxes are similar to radio buttons, but with an important distinction: radio buttons are designed for selecting one value out of a set, whereas checkboxes let you turn individual values on and off. Where multiple controls exist, radio buttons allow one to be selected out of them all, whereas checkboxes allow multiple values to be selected.

The Code Snippet


            <script runat="server" language="Javascript">
              // Load the SFMC core library and retrieve the HTTP request method
              Platform.Load("core", "1");
              var method = Platform.Request.Method;
              // Set the method value as an AMPscript variable for later use
              Variable.SetValue("@method", method);
            </script>
             %%[
if @method=="GET" then
    SET @clearText='Example'
    SET @algo='AES'
    SET @password='j%Zrb464bz41'
    SET @saltValue=SHA256('j%Zrb464bz41')
    SET @ivValue='4963b7334a46352623252955df21d7f3'
    SET @output="Sasee"
    SET @TextForClientID=@clearText
    SET @TextForClientSecret=@clearText
    SET @TextForAlgo=@algo
    SET @passwordExternalKey=RequestParameter('passwordExternalKey')
    SET @password=@password
    SET @saltExternalKey=RequestParameter('saltExternalKey')
    SET @saltValue=@saltValue
    SET @IVExternalKey=RequestParameter('IVExternalKey')
    SET @ivValue=@ivValue
    SET @hidden="hidden"
    SET @EncryptSymmetricChecked="checked"
else
    SET @TextForClientID=RequestParameter('TextForClientID')
    SET @TextForClientSecret=RequestParameter('TextForClientSecret')
    SET @TextForAlgo=RequestParameter('TextForAlgo') 
    SET @passwordExternalKey=RequestParameter('passwordExternalKey')
    SET @password=RequestParameter('password')
    SET @saltExternalKey=RequestParameter('saltExternalKey')
    SET @saltValue=RequestParameter('saltValue')
    SET @IVExternalKey=RequestParameter('IVExternalKey')
    SET @ivValue=RequestParameter('ivValue')
    SET @EncryptSymmetric=RequestParameter('EncryptSymmetric')
    if not empty(@EncryptSymmetric) then
        if @EncryptSymmetric=="EncryptSymmetric" then
            SET @encryptClientID=EncryptSymmetric(@TextForClientID, @TextForAlgo, @passwordExternalKey, 
                                 @password,@saltExternalKey,@saltValue,@IVExternalKey,@ivValue)
            SET @encryptClientSecret=EncryptSymmetric(@TextForClientSecret, @TextForAlgo, @passwordExternalKey, 
                                 @password,@saltExternalKey,@saltValue,@IVExternalKey,@ivValue)
            SET @output=Concat("Client Id : ",@encryptClientID ,"  Client Secret : ",@encryptClientSecret)
            UpsertData('CipherTextForInstallPackage',1,
                        'AppName','SaseeApp',
                        'ClientID',@encryptClientID,
                        'ClientSecret',@encryptClientSecret,
                        'UpdatedDate',Now())
            SET @EncryptSymmetricChecked="checked"
        elseif @EncryptSymmetric=="DecryptSymmetric" then
            SET @decryptClientID=DecryptSymmetric(@TextForClientID, @TextForAlgo, @passwordExternalKey, 
                                 @password,@saltExternalKey,@saltValue,@IVExternalKey,@ivValue)
            SET @decryptClientSecre=DecryptSymmetric(@TextForClientSecret, @TextForAlgo, @passwordExternalKey, 
                                 @password,@saltExternalKey,@saltValue,@IVExternalKey,@ivValue)
            SET @DecryptSymmetricChecked="checked"
            SET @output=Concat("Client Id : ",@decryptClientID ,"  Client Secret : ",@decryptClientSecre)
        endif
    else
        SET @hidden="hidden"
    endif
endif
]%%

Understanding the Code

The code starts with a JavaScript block (<script runat="server" language="Javascript">) that runs on the server-side. It loads the SFMC core library and retrieves the HTTP request method, which will be used later.

The subsequent AMPscript block (%%[...]%%) handles the server-side processing. It checks if the HTTP request method is "GET" or not.

If the method is "GET," the code sets default values for encryption and decryption parameters. It also initializes variables for the form to display these default values. Additionally, it hides the encryption options until the user selects an action (encrypt or decrypt).

If the method is not "GET," it means a form was submitted with the desired encryption or decryption parameters. The code then retrieves these parameters and performs the corresponding operation using the selected options.

The result of the encryption or decryption operation is stored in the @output variable, which can be further utilized in the SFMC email or landing page.

Encryption and Decryption Logic

The code employs the Advanced Encryption Standard (AES) algorithm for symmetric encryption and decryption. Here are some key points to understand:

  • @clearText: This variable stores the text to be encrypted or decrypted.
  • @algo: This variable represents the encryption algorithm, which is set to AES in this case.
  • @password: This variable holds the encryption/decryption password.
  • @saltValue: A unique value used as a salt to enhance the security of the encryption.
  • @ivValue: The initialization vector (IV) used in AES encryption.
  • EncryptSymmetric() and DecryptSymmetric(): These are functions used for symmetric encryption and decryption operations, respectively. The code calls these functions with appropriate parameters to perform the encryption/decryption process.

HTML Form


<body>
    <div class="layout layout-canvas-g">
      <div class="section">
        <h2 %%=v(@hidden)=%% class="red-text" color=red;>
          <label class="text-success">Output :</label>
          <input type="text" class="form-control text-success" id="output" name="output"
                 aria-describedby="emailHelp" placeholder="Data" value="%%=v(@output)=%%" disabled>
        </h2>
        <div class="columns col1">
          <hr width="100%;" color="red"
              size="10">
          <div data-type="slot" data-key="col1">
            <form class="needs-validation" novalidate action="CloudPagesURL(1234)" 
                  method="Post">
              <div class="form-row">
                <div class="col-md-4 mb-2">
                  <input class="form-check-input" type="radio"  id="EncryptSymmetric" name="EncryptSymmetric"
                         value="EncryptSymmetric" %%=v(@EncryptSymmetricChecked)=%% >
                  <label class="form-check-label" for="EncryptSymmetric">Encrypt Symmetric</label>
                </div>
                <div class="col-md-4 mb-2">
                  <input class="form-check-input" type="radio"  id="DecryptSymmetric" name="EncryptSymmetric"
                         value="DecryptSymmetric" %%=v(@DecryptSymmetricChecked)=%% >
                  <label class="form-check-label" for="DecryptSymmetric">Decrypt Symmetric</label>
                </div>
              </div>
              <hr width="100%;" color="red"
                  size="10">
              <div class="form-row">
                <div class="col-md-4 mb-2">
                  <label for="TextForAction">Data</label>
                  <input type="text" class="form-control" id="TextForAction" name="TextForAction"
                         aria-describedby="emailHelp" placeholder="Data" value="%%=v(@TextForAction)=%%">
                </div>
                <div class="col-md-4 mb-2" >
                </div>
                <div class="col-md-4 mb-2">
                  <label for="TextForAlgo">Algorithm</label>
                  <input type="text" class="form-control" id="TextForAlgo" name="TextForAlgo" value="%%=v(@TextForAlgo)=%%"
                         placeholder="Algorithm">
                </div>
              </div>
              <div class="form-row">
                <div class="col-md-4 mb-2">
                  <label for="passwordExternalKey">Password External Key</label>
                  <input type="text" class="form-control" id="passwordExternalKey"
                         name="passwordExternalKey" value="%%=v(@passwordExternalKey)=%%" placeholder="passwordExternalKey">
                </div>
                <div class="col-md-4 mb-2">
                </div>
                <div class="col-md-4 mb-2">
                  <label for="password">Password</label>
                  <input type="text" class="form-control" id="password" name="password" value="%%=v(@password)=%%"
                         placeholder="password">
                </div>
              </div>
              <div class="form-row">
                <div class="col-md-4 mb-2">
                  <label for="saltExternalKey">Salt External Key</label>
                  <input type="text" class="form-control" id="saltExternalKey" name="saltExternalKey" value="%%=v(@saltExternalKey)=%%"
                         placeholder="saltExternalKey">
                </div>
                <div class="col-md-4 mb-2">
                </div>
                <div class="col-md-4 mb-2">
                  <label for="saltValue">Salt Value</label>
                  <input type="text" class="form-control" id="saltValue" name="saltValue" value="%%=v(@saltValue)=%%"
                         placeholder="saltValue">
                </div>
              </div>
              <div class="form-row">
                <div class="col-md-4 mb-2">
                  <label for="IVExternalKey">IV External Key</label>
                  <input type="text" class="form-control" id="IVExternalKey" name="IVExternalKey" value="%%=v(@IVExternalKey)=%%"
                         placeholder="IVExternalKey">
                </div>
                <div class="col-md-4 mb-2">
                </div>
                <div class="col-md-4 mb-2">
                  <label for="ivValue">IV Value</label>
                  <input type="text" class="form-control" id="ivValue" name="ivValue" value="%%=v(@ivValue)=%%"
                         placeholder="ivValue">
                </div>
              </div>
              <button type="submit" class="btn btn-primary">Submit</button>
            </form>
          </div>
          <hr width="100%;" color="red"
              size="5">
        </div>
      </div>
    </div>
  </body>

Conclusion:

Building a Marketing Cloud App with symmetric encryption is a proactive step towards securing your customer's sensitive data. By implementing robust encryption algorithms and secure key management practices, you can enhance your data security and strengthen customer trust in your brand. Remember to keep abreast of the latest encryption best practices and evolving data protection regulations to ensure your app's continued security and compliance. With data security at the forefront, your marketing efforts can thrive, knowing that your customer's information is well-protected.

TOP


Comments

Post a Comment


Knowledge Article

Most Viewed

Image

CLOUD PAGE ENABLEMENT - PART 1

 CLOUD PAGE ENABLEMENT - PART 1 CREATE A CLOUD PAGE IN MARKETING CLOUD  USE CASE : Create a landing page in marketing cloud to collect consent from subscribers. Step 1: Create a landing page and publish it [no coding required] Step 2: Build a form control using bootstrap  <form class = "row g-3"       action = "https://tenantEndpoint/ConsentCollection"       method = "Post" > </form> Update your form "action" attribute value with your cloud page URL. Method attribute "Post" Add form controls  To collect email, add the below form control <div class = "col-md-6" >       <label for = "inputEmail4" class = "form-label" > Email </label>       <input type = "email" class = "form-control"               id = "inputEmail4" name = "inputEmail4"               value = "%%=v(@inputEmail4)=%%" required %% = v(@disabled) = %% &
Image

EMAIL NOT SENT IN JOURNEY BUILDER

TROUBLESHOOTING JOURNEY SENDS First step towards troubleshooting in SFMC is to install Query Studio from AppExchange. https://appexchange.salesforce.com/appxListingDetail?listingId=a0N3A00000FP3yFUAT Once you have access to Query studio you can write SQL queries and troubleshoot the issues quickly. If you are building a complex queries for a use case, you can write and execute the queries to see if it returns the desired output. Once, you are satisfied with your query you can save and add it to query activity. You can also save the output into a data extension if required, by default query studio stores the output into a data extension under the folder QueryStudioResults. If you have to execute another SQL with the output of the previous result, you can reference the Data Extensions and apply it in your FROM statement. FAQ : 1. How to find out who all did not receive email during journey send ? Best practice is to enable send logging for your account. This will help a-lot during troubl
Image

CONSIDERATIONS FOR JOURNEY BUILDER

 CONSIDERATIONS FOR JOURNEY BUILDER   WHAT HAPPENS WHEN YOU SEND AN EMAIL OUTBOUND MAIL MANAGEMENT GETS INVOKED BY MARKETING CLOUD , OMM IS NOT IN OUR CONTROL BUT LETS GO THROUGH BEHIND THE SCENE ACTIONS. 1. OOM PREPARES DATABASE FOR THE JOBS, OOM ANALYZES THE EMAIL, WHETHER IT'S A TEMPLATE BASED EMAIL OR HTML, WHETHER EMAILS CONTAINS PERSONALIZATIONS OR DYANMIC CONTNETS.  2.  OOM STRUCTURES THE EMAIL BASED ON HEADER , BODY AND FOOTER. OOM RETRIEVES THE SUBJECT LINE , BODY CONTENT , AMPSCRIPT IN THE EMAIL AND INTERPRETS THE AMPSCRIPT AND RETIRVES IMAGES. 3. BASED ON THE DATABASE AND STRUCUTRE MAINATAINED BY THE OOM, IT DETERMINES THE CONTENT FOR THE SUBSCRIBERS AND PROCESSES TO MAINTAIN THE PLACEHOLDERS FOR EACH SUBSCRIBERS. 4. OOM HAS PLACED THE PROCESSES IN THE QUEUE, OOM BUNDLES EMAILS IN 500 BATCHES AND SEND TO SUBSCRIBERS INBOX.  NOW WE HAVE THE BACKGROUD , WHAT ARE THE CONSIDERATIONS FOR BUILDING A JOURNEY  JOURNEY PERFORMANCE ARE BASED ON : 1. DATA MODEL 2. FILTERS  3. JOURN
Image

Journey Builder REST API Documentation

Journey Builder REST API Documentation Home Page Journey Builder REST API Documentation Introduction The Journey Builder REST API allows you to programmatically interact with the Journey Builder feature of Salesforce Marketing Cloud. With this API, you can create, update, and manage customer journeys, as well as perform various operations related to contacts and interactions within those journeys. This document provides detailed information on how to use the Journey Builder REST API to integrate and automate your marketing workflows. Base URL The base URL for accessing the Journey Builder REST API is:
Image

Preference Center Demystified

Preference Center Demistifier Home Page Preference Center Demystified Email preference centers can unlock a wealth of subscriber information if executed properly. Learn more about them to create the personalized email experiences that build loyalty and trust.

Popular Posts

Image

CLOUD PAGE ENABLEMENT - PART 1

 CLOUD PAGE ENABLEMENT - PART 1 CREATE A CLOUD PAGE IN MARKETING CLOUD  USE CASE : Create a landing page in marketing cloud to collect consent from subscribers. Step 1: Create a landing page and publish it [no coding required] Step 2: Build a form control using bootstrap  <form class = "row g-3"       action = "https://tenantEndpoint/ConsentCollection"       method = "Post" > </form> Update your form "action" attribute value with your cloud page URL. Method attribute "Post" Add form controls  To collect email, add the below form control <div class = "col-md-6" >       <label for = "inputEmail4" class = "form-label" > Email </label>       <input type = "email" class = "form-control"               id = "inputEmail4" name = "inputEmail4"               value = "%%=v(@inputEmail4)=%%" required %% = v(@disabled) = %% &
Image

EMAIL NOT SENT IN JOURNEY BUILDER

TROUBLESHOOTING JOURNEY SENDS First step towards troubleshooting in SFMC is to install Query Studio from AppExchange. https://appexchange.salesforce.com/appxListingDetail?listingId=a0N3A00000FP3yFUAT Once you have access to Query studio you can write SQL queries and troubleshoot the issues quickly. If you are building a complex queries for a use case, you can write and execute the queries to see if it returns the desired output. Once, you are satisfied with your query you can save and add it to query activity. You can also save the output into a data extension if required, by default query studio stores the output into a data extension under the folder QueryStudioResults. If you have to execute another SQL with the output of the previous result, you can reference the Data Extensions and apply it in your FROM statement. FAQ : 1. How to find out who all did not receive email during journey send ? Best practice is to enable send logging for your account. This will help a-lot during troubl
Image

CONSIDERATIONS FOR JOURNEY BUILDER

 CONSIDERATIONS FOR JOURNEY BUILDER   WHAT HAPPENS WHEN YOU SEND AN EMAIL OUTBOUND MAIL MANAGEMENT GETS INVOKED BY MARKETING CLOUD , OMM IS NOT IN OUR CONTROL BUT LETS GO THROUGH BEHIND THE SCENE ACTIONS. 1. OOM PREPARES DATABASE FOR THE JOBS, OOM ANALYZES THE EMAIL, WHETHER IT'S A TEMPLATE BASED EMAIL OR HTML, WHETHER EMAILS CONTAINS PERSONALIZATIONS OR DYANMIC CONTNETS.  2.  OOM STRUCTURES THE EMAIL BASED ON HEADER , BODY AND FOOTER. OOM RETRIEVES THE SUBJECT LINE , BODY CONTENT , AMPSCRIPT IN THE EMAIL AND INTERPRETS THE AMPSCRIPT AND RETIRVES IMAGES. 3. BASED ON THE DATABASE AND STRUCUTRE MAINATAINED BY THE OOM, IT DETERMINES THE CONTENT FOR THE SUBSCRIBERS AND PROCESSES TO MAINTAIN THE PLACEHOLDERS FOR EACH SUBSCRIBERS. 4. OOM HAS PLACED THE PROCESSES IN THE QUEUE, OOM BUNDLES EMAILS IN 500 BATCHES AND SEND TO SUBSCRIBERS INBOX.  NOW WE HAVE THE BACKGROUD , WHAT ARE THE CONSIDERATIONS FOR BUILDING A JOURNEY  JOURNEY PERFORMANCE ARE BASED ON : 1. DATA MODEL 2. FILTERS  3. JOURN
Image

Journey Builder REST API Documentation

Journey Builder REST API Documentation Home Page Journey Builder REST API Documentation Introduction The Journey Builder REST API allows you to programmatically interact with the Journey Builder feature of Salesforce Marketing Cloud. With this API, you can create, update, and manage customer journeys, as well as perform various operations related to contacts and interactions within those journeys. This document provides detailed information on how to use the Journey Builder REST API to integrate and automate your marketing workflows. Base URL The base URL for accessing the Journey Builder REST API is:
Image

Preference Center Demystified

Preference Center Demistifier Home Page Preference Center Demystified Email preference centers can unlock a wealth of subscriber information if executed properly. Learn more about them to create the personalized email experiences that build loyalty and trust.
Image

SEND LOG EANBLEMENT

SEND LOG EANBLEMENT STEP BY STEP GUIDE HOW TO ENABLE SEND LOGGING IN SALESFORCE MARKETING CLOUD  STEP 1 : CREATE SEND LOG DATA EXTENSION Create a data extension for Send Log utilizing send log template. You can create similar Send log for SMS, Push etc.,             Default attributes for Send Log Add custom attributes to send log, custom attributes will increase you query optimization and troubleshooting If you have Google Analytics enabled you can add utm_campaign and utm_source attributes as well. Best Practice would be to archive send log on a monthly basis and set the retention policy to 6 months.  STEP 2 : CREATE CODE SNIPPET TO ADD CUSTOM ATRRIBUTES TO SEND LOG  Default send log attributes gets added to send log by default as it picks from system personalization string  Email personalization strings can be found in email tool bar: Profile and System Attribute   Create a code snippet  Write an AmpScript block to add custom attributes to Send Log data extension                   %

Share with Friends

Disclaimer:

The information provided on this technical blog is for general informational purposes only. As a SFMC (Salesforce Marketing Cloud) Technical Architect, I strive to offer accurate and up-to-date content related to SFMC and its associated technologies. However, please note that technology is constantly evolving, and the information provided may become outdated or inaccurate over time.

The content published on this blog represents my personal views and experiences as a SFMC Technical Architect and does not necessarily reflect the official views or opinions of any organization or employer I may be affiliated with.

While I make every effort to ensure the accuracy and reliability of the information presented, I cannot guarantee its completeness, suitability, or applicability to your specific circumstances. Therefore, it is essential to verify any information provided and make your own independent assessments or seek professional advice if needed.

Furthermore, any actions taken based on the information provided on this blog are at your own risk. I shall not be held liable for any damages, losses, or inconveniences arising from the use of the information presented here.

Please keep in mind that SFMC and its associated technologies are complex and require technical expertise for proper implementation and management. It is recommended to consult with qualified professionals or official SFMC documentation for comprehensive guidance.

Finally, please note that any product or company names mentioned on this blog are trademarks or registered trademarks of their respective owners. The mention of these trademarks or registered trademarks does not imply any endorsement or affiliation with the blog.

By accessing and using this blog, you agree to the terms of this disclaimer. If you do not agree with any part of this disclaimer, please refrain from using this blog.

Home Page