Skip to main content

Salesforce

Integrate Suger with Salesforce to create private offers, manage contracts, and co-sell across AWS, Azure & GCP Marketplaces directly from your CRM.

Overview

This guide walks you through integrating Salesforce with Suger, enabling your sales and business teams to:

  • Create marketplace offers directly from Salesforce opportunities
  • Manage co-sell referrals within your existing CRM workflow
  • Sync opportunity data between Salesforce and marketplace platforms
  • Streamline collaboration between sales teams and marketplace operations

Prerequisites

  • A Salesforce Administrator account
  • A Suger organization account and API Key
  • Installation link for the Salesforce package (Production or Sandbox)

Installation

Install the Salesforce Package

Install the Suger package from the AppExchange:

  1. Click Get it Now
  2. Log in with your Salesforce Admin account
  3. Choose Install in Production (or Sandbox)
  4. Select Install for Admins Only / All Users / Specific Profiles
  5. Click Install

Set Up Integration User

To connect Suger with Salesforce, you need a dedicated Integration User account. This user will authenticate via OAuth 2.0 Web Server Flow and allow Suger to communicate with your Salesforce org using REST APIs.

Creating a dedicated Integration User ensures:

  • Secure and isolated access for API calls
  • Easier troubleshooting and monitoring
  • No dependency on personal user accounts

Choose a License Type

When creating the Integration User, select one of the following license types:

License TypeWhen to UseNotes
Salesforce LicenseRequired if your field mapping involves CPQ Quote (SBQQ__Quote__c)You must also assign a CPQ license to the user if you are using CPQ
Salesforce Integration LicenseRecommended in most casesFree license, limited to API-only users (cannot log in via UI). Use with Salesforce API Only System Integrations profile

Create the Integration User

  1. In Salesforce Setup, go to UsersNew User.
  2. Enter a valid email address (required for activation).
  3. Assign one of the licenses listed above.
  4. For Salesforce Integration License, assign the Salesforce API Only System Integrations profile.
  5. Save and activate the user.

Assign Permission Sets

After creating the user, assign the necessary permission sets depending on the license type:

If using Salesforce License:

  • Assign the Suger Integrator permission set.
  • Create an additional permission set granting Read and View All access on:
    • Account
    • Contact
    • Opportunity
    • Any other objects/fields required in your field mapping

If using Salesforce Integration License:

  • Assign the Suger Integrator (Salesforce Integration License) permission set.
  • Create a new permission set (with Salesforce API Integration as the license type) granting Read and View All access on:
    • Account
    • Contact
    • Opportunity
    • Any other objects/fields required in your field mapping
  • When creating this permission set, be sure to select Salesforce API Integration as the license. Note that it is Salesforce API Integration, NOT Salesforce Integration.

At this point, your Integration User is ready. You can now proceed to connect Salesforce and Suger via OAuth in the next step.

important

Please verify that your new permission set has read and write access to all fields in the Referral (Suger) object. You can do this by going to SetupUsersPermission SetsYour new permission set nameObject Settings → Search for Referral (Suger) → Make sure to have read and write access to all fields in this object. For object permissions, please make sure Read, Create, Edit, Delete, View All Records, and Modify All Records are enabled.

Configuration

To enable two-way communication, you need to:

  1. Allow Salesforce → Suger (enter Organization ID and API Key in Salesforce).
  2. Allow Suger → Salesforce (authorize access via OAuth).

Configure Salesforce to Access Suger

This step configures Salesforce so it can call Suger APIs.

  1. Get your Organization ID and API Key

    • Organization ID: found in Suger Console → SettingsOrganization & Users
    • API Key: generate in Suger Console → SettingsAPI Client

  2. Open Suger app in Salesforce

    • In Salesforce, search for Suger under Apps and open it.

  3. Enter settings in Salesforce

    • Go to Settings inside the Suger app.

    • Fill in:

      • Organization ID
      • API Endpoint: https://api.suger.cloud
      • API Key (check no trailing spaces)

    • Click Save.

Configure Suger to Access Salesforce

This step configures Suger Console to connect to Salesforce using the Integration User.

  1. Go to Integrations in Suger Console

    • Navigate to Settings → Integrations → Salesforce.
    • Click Connect Now.

  2. Select Environment

    • Enter your Salesforce Subdomain (e.g., acme.my.salesforce.com).
    • Check Sandbox if you are connecting to a sandbox org.
    • Click Create

Find your Salesforce Subdomain in Salesforce Setup → Company Settings → My Domain.

  1. Verify the connection

    • Click Verify.

User Interface Setup

Enable Suger Widget on Opportunity Pages

Add the Suger Opportunity Quick Panel component to enable Suger features directly on opportunity records:

  1. Open Salesforce Setup → Object Manager → Opportunity → Lightning Record Pages.
  2. Edit the Opportunity Record Page.
  3. In the Components panel, search for Suger.
  4. Drag and drop Suger Opportunity Quick Panel onto the page layout.
  5. Save and activate the page.

When configured, users will see New Offer and Co-sell buttons on Opportunity records.

Assign User Permissions

Your team will only see the correct Suger buttons if they are assigned the right Permission Set. Suger provides three permission sets:

Permission SetVisible FeaturesTypical Use Case
Suger User – MarketplaceMarketplace buttons only (e.g., New Offer)Sales team managing offers
Suger User – CosellCo-sell button onlyBusiness development team
Suger UserAll functionalitiesPower users, admins, or full-feature users

Example: If Jane Doe is assigned Suger User – Cosell, she will only see the Co-sell button in the Suger Widget.

Custom Permissions

Under the hood, button visibility is controlled by the following Custom Permissions (under the Suger namespace):

  • Create Offer
  • Create Referral

CRM Enrichment

CRM Enrichment allows you to automatically enrich Salesforce records with intelligence signals from Suger. This feature syncs valuable marketplace and engagement data directly to your CRM records, giving your sales team actionable insights without leaving Salesforce.

Overview

With CRM Enrichment, you can:

  • Automatically populate CRM fields with intelligence signals (engagement scores, marketplace metrics)
  • Configure multiple record types (e.g., Opportunities, Accounts) with different enrichment rules
  • Use SOQL queries to target specific records for enrichment
  • Map intelligence fields to custom Salesforce fields

Prerequisites

Before configuring enrichment, ensure you have:

  1. Custom fields created in Salesforce to store the intelligence data

Creating Custom Fields in Salesforce

You need to create custom fields in Salesforce to store the intelligence signals. For each signal you want to sync:

  1. Go to SetupObject Manager → Select your object (e.g., Account, Opportunity)

  2. Click Fields & RelationshipsNew

  3. Choose the appropriate field type (e.g., Text for scores and general data)

  4. Enter a Field Label (e.g., "Azure Engagement Score")

  5. Configure field-level security to allow the Integration User to read and write

  6. Add the field to your page layouts as needed

Configuring Enrichment

  1. Navigate to Suger ConsoleSettingsIntegrationsSalesforce
  2. Click Edit to open the integration settings
  3. Go to the Enrichment tab
  4. Click Add CRM Record to create a new enrichment rule

For each configuration, specify:

SettingDescription
Record TypeThe Salesforce object to enrich (e.g., Opportunity, Account)
QuerySOQL query to filter which records to enrich
Field MappingsMap intelligence fields to your custom Salesforce fields
Refresh ExistingControls when previously enriched records are refreshed: Never, Immediately, or Every N days (default: 30 days)
Max Records Per SyncMaximum number of records to process per sync run (default: 10,000, maximum: 50,000, minimum: 1,000)

After entering your query, click Validate Query to verify it is valid and see how many records match. This helps ensure your enrichment rule targets the right set of records before saving.

Available Intelligence Fields

Intelligence signals are derived from multiple data sources:

  • Cloud partner data — Engagement scores sourced directly from cloud partner programs (e.g., AWS Partner Network, Azure Partner Center, GCP Partner Advantage).
  • Marketplace activity — Public marketplace metrics such as listing counts, review counts, and purchase history across AWS, Azure, and GCP marketplaces.

The following intelligence signals can be mapped to your CRM fields:

AWS Signals

  • AWS Engagement Score
  • AWS Marketplace Count
  • AWS Marketplace Review Count
  • AWS Marketplace Purchase Count

Azure Signals

  • Azure Engagement Score
  • Azure Event Score
  • Azure Usage Score
  • Azure Marketplace Count
  • Azure Marketplace Review Count
  • Azure Marketplace Purchase Count

GCP Signals

  • GCP Engagement Score
  • GCP Marketplace Count
  • GCP Marketplace Review Count
  • GCP Marketplace Purchase Count

Example Configuration

To enrich Opportunities in the Prospecting stage with AWS engagement data:

  1. CRM Record Type: Opportunity
  2. Field Mappings:
    • AWS Engagement Scoreaws_engagement_score
  3. SOQL Query: SELECT Id FROM Opportunity WHERE StageName = 'Prospecting'

How Enrichment Works

Sync Schedule

Suger runs a scheduled enrichment sync every 12 hours (at midnight and noon UTC). During each sync, Suger automatically processes all configured enrichment rules for your organization.

Enrichment Process

Each sync goes through the following steps:

  1. Query your Salesforce org using the configured SOQL query to identify records that need enrichment.
  2. Look up intelligence data for each matching record based on the company's website domain.
  3. Update the mapped fields in Salesforce with the latest intelligence values.

Update Mechanism

Suger uses a smart two-step approach to ensure efficient and complete data coverage:

  • Step 1 — Enrich new records: Every sync prioritizes records that have not been enriched yet (where the mapped fields are still empty). This ensures newly added or previously missed records receive intelligence data first.
  • Step 2 — Refresh existing records: Once all new records have been enriched, Suger begins a refresh cycle — rotating through previously enriched records in batches to keep data up to date. This rotation continues across multiple syncs until all records have been refreshed, then a new cycle begins.

The Refresh Existing setting controls how the refresh cycle behaves:

SettingBehavior
NeverOnly enrich records that have not been enriched before. Previously enriched records are never updated.
ImmediatelyContinuously rotate through all records, refreshing data without delay between cycles.
Every N daysWait N days after completing a full refresh cycle before starting the next one (default: 30 days).

Records Per Sync

Each sync processes up to a configurable maximum number of records. For Salesforce, the default is 10,000 and can be increased up to 50,000. The minimum configurable value is 1,000.

If your query matches more records than the configured limit, the remaining records are handled automatically:

  • New records (Step 1): Unenriched records will be picked up in the next sync since they still have empty fields — no progress tracking is needed.
  • Refresh cycle (Step 2): Suger tracks its cursor position across syncs to rotate through all records. For example, with 100,000 records and a limit of 50,000 per sync, the refresh cycle completes in 2 runs. Once a full cycle finishes, the next one starts based on your Refresh Existing setting.

Tracking Enrichment Progress

To monitor the status of your enrichment sync:

  1. Go to the enrichment configuration for your record type
  2. Expand Advanced Configuration
  3. Click Check Progress

The progress panel shows:

FieldDescription
StatusCurrent state — Active (only enriching new records, refresh disabled), Not Started, In Progress, or Waiting (cycle completed, waiting for next refresh interval)
Cycle ProgressPercentage of records processed in the current refresh cycle
Records ProcessedNumber of records processed out of total matching records
Last RunWhen the last sync ran and how many records it processed
Estimated Runs RemainingApproximate number of syncs needed to complete the current cycle

Disabling Enrichment

To stop enrichment for a specific record type, toggle it off in the enrichment configuration. This removes the enrichment rule, and no further syncs will process that record type.

To temporarily pause enrichment without removing the configuration, set Refresh Existing to Never — this will only enrich new records with empty fields and skip all previously enriched records.

Troubleshooting

If a user still sees the wrong button after assigning the correct permission set:

  1. Check the user profile

    • Go to the user’s profile and verify whether Salesforce automatically enabled additional custom permissions when the package was installed.
    • If unnecessary permissions are enabled, uncheck them. (screenshot: user profile showing Custom Permissions section)

  2. Force refresh the page

    • Ask the user to refresh with Cmd+R (Mac) or Ctrl+Shift+R (Windows).

  3. Object / Field-Level Security (FLS)

    • Ensure users have Read/View All permissions on Account, Contact, Opportunity, and any mapped fields.

  4. API Only User / Login Access

    • Remember that Salesforce Integration License is API-only; business users need a full Salesforce License + proper Permission Set.

Removing the Integration

To completely remove the Salesforce integration:

From Suger Console

  1. Navigate to Suger ConsoleSettingsIntegrationsSalesforce
  2. Click the 🗑️ Delete button
  3. This removes stored credentials from Suger

From Salesforce

  1. Go to SetupConnected Apps OAuth Usage
  2. Locate the Suger Connected App
  3. Click the User Count link
  4. Click Revoke (specific user) or Revoke All (all users)
note

If the User Count shows 0, the integration has already been fully revoked.