
Salesforce Trade Cloud riddled with configuration dangers

Data Packs can also become orphaned, for instance, if the user creating them presses the cancel button during the process. In this case, their attachments get created and never removed. Worse, they are not listed on the Data Packs inventory page in OmniStudio, making it harder for admins to detect them.

When embedded in an external website, FlexCard or OmniScript components need an access token to access Salesforce. These tokens should be created using an OmniOut app. However, a website's end user can inspect the API requests locally in their browser and extract this token, which might then be misused. Costello recommends that companies use a proxy for communication between external OmniStudio components and Salesforce.

A proxy, however, won't help when the token itself is embedded in OmniOut code that has been compromised or stored in public version control systems like GitHub. Moreover, a proxy might introduce risks if it's poorly configured to forward requests without validation, as users might attempt to tamper with parameters and values.
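
The validation concern described above, as an added example that is not from the original article or from Salesforce: a proxy-side check that forwards only allowlisted routes and parameters and attaches the access token on the server. The route paths, parameter names and `serverToken` value are hypothetical placeholders.

```javascript
// Added example: request validation inside a proxy that sits between embedded
// OmniStudio components and Salesforce. Routes and parameter names below are
// hypothetical placeholders, not real Salesforce endpoints.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

const ALLOWED_ROUTES = {
  "POST /example/omniscript/quote": {
    productCode: (v) => typeof v === "string" && /^[A-Z0-9-]{1,20}$/.test(v),
    quantity: (v) => Number.isInteger(v) && v >= 1 && v <= 100,
  },
  "GET /example/flexcard/status": {
    caseId: (v) => typeof v === "string" && /^[A-Za-z0-9]{15,18}$/.test(v),
  },
};

// Returns { ok: true, upstream } for a request that is safe to forward,
// or { ok: false, status, reason } for one the proxy must reject.
function buildUpstreamRequest(req, serverToken) {
  const key = `${req.method} ${req.path}`;
  if (!has(ALLOWED_ROUTES, key))
    return { ok: false, status: 404, reason: "route not allowlisted" };
  const route = ALLOWED_ROUTES[key];

  const params = req.params || {};
  // Reject parameters the route does not declare (tampering by addition).
  for (const name of Object.keys(params)) {
    if (!has(route, name))
      return { ok: false, status: 400, reason: `unexpected parameter: ${name}` };
  }
  // Require every declared parameter and check its value.
  for (const [name, isValid] of Object.entries(route)) {
    if (!has(params, name) || !isValid(params[name]))
      return { ok: false, status: 400, reason: `invalid parameter: ${name}` };
  }

  // Rebuild the request from validated values only. Client-supplied headers
  // (including any Authorization header) are dropped; the token is attached
  // here, so it never appears in traffic the browser can inspect.
  return {
    ok: true,
    upstream: {
      method: req.method,
      path: req.path,
      params: { ...params },
      headers: { Authorization: `Bearer ${serverToken}` },
    },
  };
}
```

This only addresses the forwarding step; the token still has to be kept out of OmniOut code and version control, as the article notes.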
