Configure Salesforce Security

This information is for the legacy Salesforce solution using classic AssureSign document templates. For all new installations, the new AssureSign for Salesforce Lightning solution should be installed. Refer to Salesforce Lightning for more information.

Salesforce requires that you explicitly give permission to access external services and to allow external services to provide real-time updates to your Salesforce account.

Remote Site Settings

In order for your application to communicate with the Nintex eSign site the Nintex eSign URL must be entered into the Salesforce Remote Site Settings. This should be done during the package installation process by agreeing to the Third-party Access Approval screen when it appears.

The manual process for adding Remote Site Settings is:

  1. In your Salesforce environment navigate to Setup>>Administer >> Security Controls >> Remote Site Settings

  2. Click the New Remote Site button

  3. Enter https://www.assuresign, https://na1.assuresign.net, https://ca1.assuresign.net a Remote Site URL (depending on which Nintex eSign instance your account is running in).

  4. If you have an Nintex eSign Sandbox environment, enter https://sb.assuresign.net as a Remote Site URL.

Many settings are case sensitive within the Salesforce environment. In this case, make sure you enter the URL all lower case as shown above.

Session Settings

In order for the Nintex eSign site to access Salesforce documents or attachments selected during setup, you must modify Salesforce Session Settings:

  • Navigate to Setup >> Administer >> Security Controls >> Session Settings.

  • Uncheck the Lock sessions to the IP address from which they originated option and click Save.

Network Access Settings

In order for Nintex eSign to automatically update the status of your documents as they are signed and completed via DocumentTRAK services, you must add Nintex eSign IP addresses as trusted IP addresses:

  1. Navigate to Setup >> Administer >> Security Controls >> Network Access

  2. Click the New Trusted IP Range button

  3. Add the following ranges:

  • 168.61.21.2 to 168.61.21.2

  • 168.62.160.179 to 168.62.160.179

  • 52.228.45.249 to 52.228.45.249

  • 137.116.70.238 to 137.116.70.238

  • 104.209.187.86 to 104.209.187.86

  • 104.209.185.209 to 104.209.185.209

Important: Click for a current list of Nintex eSign IP Addresses

The Nintex eSign environment contains built in DocumentTRAK communication modules. While the communication details are hidden there (for example, these modules will detect which Salesforce environment you are running on), the Network Access Settings discussed here are required to be set within Salesforce so that the Salesforce application detects that communications are coming from an expected source.