Skip to main content

Fin Messenger: Embedding in your Salesforce portal

This guides you through the steps to install the Fin Messenger on a Salesforce webpage.

Updated over a month ago

You can install Fin Messenger on your Salesforce site using a pre-built package. Once installed, you’ll configure custom settings, update your content security policy (CSP), and connect Fin securely to your Salesforce environment.

Install Fin Messenger on a Salesforce webpage

1. Install the package in Salesforce

To install Fin Messenger on a Salesforce webpage, we've created a package you can install, which simply creates a custom setting definition.

You'll need to install the package in your Salesforce environment, before following the steps below.

Install package in production

Or

Install package in sandbox

2. Configure Fin Messenger settings in Salesforce

After installation, you’ll see a new custom setting called Fin Messenger Settings. You’ll use this to connect Salesforce with your Fin app credentials.

A) Access Fin Messenger Settings

In Salesforce:

  1. Go to Setup > Custom Settings.

  2. Open Fin Messenger Settings.

  3. Click Manage.

  4. Click New to set the Default Organization Level Value

B) Configure the App ID custom field

  1. In Fin, go to Settings > General to find your App ID.

  2. In Salesforce, open Fin Messenger Settings.

  3. Enter your App ID in the App ID custom field.

C) Configure the JWT Secret Key custom field

  1. In Fin, go to Settings > Fin Messenger to find your JWT Secret Key.

  2. In Salesforce, open Fin Messenger Settings.

  3. Enter your JWT Secret Key in the JWT Secret Key custom field.

3. Configure content security policy (CSP)

Once your Fin Messenger settings are configured, set up the required CSP rules to allow Fin Messenger to load securely.

A) Access Site Security & Privacy

In Salesforce:

  1. Go to Setup > Sites > (your site) Builder.

  2. Open Settings > Security & Privacy.

B) Configure Security Level

Set the Security Level to Relaxed CSP. This allows you to add the required script to the site’s head markup.

C) Configure Trusted Sites for Scripts

Add these trusted sites:

D) Configure Trusted URLs

  1. Go to Setup > Trusted URLs.

  2. Add the URLs from this article with the relevant CSP directives.

  3. Set CSP Context to All or Experience Builder Sites.

4. Add the Fin Messenger script to your Salesforce portal

Add the following JavaScript to your site’s Head Markup.

This script listens for the finMessengerData event, then dynamically loads Fin Messenger with the encoded JWT and App ID.

<script>
  window.addEventListener('finMessengerData', function (e) {
    const finMessengerData = e.detail;

    // Do not boot if no JWT
    if (finMessengerData.jwt == null) {
      return;
    }

    window.intercomSettings = {
      app_id: finMessengerData.appId,
      intercom_user_jwt: finMessengerData.jwt,
      api_base: "https://api-iam.intercom.io"
    };

    loadIntercom(finMessengerData.appId);
  });

  function loadIntercom(appId){var w=window;var ic=w.Intercom;if(typeof ic==="function"){ic('reattach_activator');ic('update',w.intercomSettings);}else{var d=document;var i=function(){i.c(arguments);};i.q=[];i.c=function(args){i.q.push(args);};w.Intercom=i;var l=function(){var s=d.createElement('script');s.type='text/javascript';s.async=true;s.src='https://widget.intercom.io/widget/'+appId;var x=d.getElementsByTagName('script')[0];x.parentNode.insertBefore(s,x);};if(d.readyState==='complete'){l();}else{if(w.attachEvent){w.attachEvent('onload',l);}else{w.addEventListener('load',l,false);}}}}
</script>

Important: The api_base value will need to be updated based on your regional location, see the table below to pick the right value:

Regional location

API base to set

US

https://api-iam.intercom.io

EU

https://api-iam.eu.intercom.io

Australia

https://api-iam.au.intercom.io

5. Add the Fin Messenger component to your Salesforce webpage

In Salesforce:

  1. Go to Setup > Sites > (your site) Builder.

  2. Drag and drop the Fin Messenger component onto your portal page to deploy it.

6. Edit the Apex Class to control user data sent to Fin

In Salesforce:

  1. Go to Setup > Apex Classes > JwtGenerator.

  2. Click Edit.

You can:

  • Update the Salesforce query to define how current user information is retrieved.

  • Choose which field sets the userId for unique user identification.

  • Append to additionalAttributes to include more user data attributes sent to Fin.

FAQs

How do I find my Fin App ID?

Go to Settings > General. Your App ID is listed under the App details section.

Where can I find the JWT Secret Key?

In Settings > Fin Messenger, copy your JWT Secret Key.

What if the messenger doesn’t load?

Check your CSP settings. Ensure both trusted script URLs and trusted URLs are configured correctly and the security level is set to Relaxed CSP.

Can I restrict which user data is sent to Fin?

Yes. Edit the JwtGenerator Apex Class to customize which user fields and attributes are included.

Did this answer your question?