Spekit is a webapp that connects to your Salesforce org via OAuth, allowing you to import select metadata including objects, fields and pick-list values into the data wiki for documentation purposes. Certain object and field details are pulled from Salesforce whereas some are native to Spekit.
The data wiki’s unique design can easily be searched, filtered and shared with your end users who can access the info directly in Spekit or contextually using keyword match through the Chrome Extension.
When setting-up Spekit, users with a System Administrator profile in Spekit can authenticate with Salesforce using OAuth.
End-users have the option of signing in using Salesforce via OAuth or can sign-in directly with their Spekit email and password.
Yes, the Spekit Chrome extension works both in Lightning and Classic versions of Salesforce. Our system also comes pre-loaded with Knowledge Cards that help you make the transition from Classic to Lightning.
Spekit imports the following information about your fields:
- Internal description (populates Definition field in Spekit and managed in Spekit after first sync)
- Fields located on the object
- Record count for the object
- Type (Custom or standard)
- SFDC API Name
- SFDC setup link (to that object in Salesforce)
- Help text (populates Definition in Spekit and managed in Spekit after sync)
- Field Type
- Calculated Formula (for type = Formula)
- Related Picklist Values (for type = Picklist)
- Required (Y/N)
- Default value
- SFDC API Name
- SFDC setup link (to all fields view for that object)
For Picklist values:
- Parent Field
We also plan to pull in additional metadata types in upcoming releases
If you’re looking to import other types of metadata for documentation purposes, please share your use cases with email@example.com.
Yes, there are three different roles in Spekit that can be assigned to users.
Viewer: This role is designed for end-users who want to benefit from the definitions and rules documented in Spekit. Permissions include:
- Read-only access with ability to search and filter the data wiki in Spekit
- Chrome extension download and access.
Data Expert: This role is used to assign business owners in your organization to share their subject matter expertise on certain fields and terminology in the data wiki. Permissions include:
- Viewer permissions
- Create custom business terms
- Edit definitions and business rules
Admin: This role has full edit and configuration access in Spekit. By default, any user with a System Administrator profile in Salesforce is assigned this role. Permissions include:
- Data Expert permissions
- Import objects
- Import picklist values
- Hide terms in data wiki
Yes. When signing-up, users have the option to connect either using a Sandbox org or a Production org.
Note that at the moment, data cannot be transferred between orgs. In other words, if you decide to connect your production org to Spekit after your Sandbox, you will have to contact firstname.lastname@example.org to have any of your work or Data Expert assignments transferred.
In the Object Import screen, you have the option to import:
- Standard Objects (visible by default)
- Custom Objects (visible by default)
- System Objects (manually sync to view options)
- Installed Packages (manually sync to view options)
No. While Spekit uses your Salesforce metadata as a baseline, the goal is to create a source of truth and reference for anyone in your organization to access around the information and definitions they need around your data points and business terminology.
To this end, any Spekit user can access the information in Spekit using the webapp or Chrome Extension, regardless of whether or not they have a Salesforce license.
While we should not be viewed as a system of metadata backup, we do store logs on certain changes made directly in Spekit. For example, we track Last Edited On in Spekit, Last Edited By in Spekit, Last Synced from SFDC, etc.
Your organization likely enforces IP address restrictions at login.
To confirm that the IP address is the issue, do the following:
- Log into Salesforce
- Go to Setup –> Manage Users –> Login History
- Look for your login attempt with Spekit by searching the Application Name column for Spekit.
- The Status should read: ‘Restricted IP’ Error
- Write down the IP address in Source IP column
Next, try the following:
1) Create a Trusted IP range for Spekit in Network Access
- Go to Setup –> Security Controls –> Network Access
- Create a “New” trusted IP range for Spekit and enter the IP address you wrote down from the login attempt to your Trusted IP ranges in Network Access.
- Once that IP range is saved, try signing-in to Spekit again.
2) Enter IP address in User Profile
- If Login Fails after trying solution 1, see if the error message and IP address still remain the same.
- If yes, then go Manage Users –> Profiles –> Login IP Ranges
- Create a “New” trusted IP range for Spekit and enter the IP address.
- Once that IP range is saved, try signing-in to Spekit again.
3) Append the Security Token with Password.
- From your personal settings, enter Reset in the Quick Find box, then select Reset Security Token
- The new security token is sent to the email address in your Salesforce personal settings.
- Try logging in again by appending the security token to your password.
If these solutions don’t solve it, please email email@example.com
Spekit connects to your Salesforce instance(s) using the Describe, List, DescribeSObject, Retrieve Package, REST, Metadata and SOAP APIs. We extract the following information from your Salesforce instance(s):
• User profiles
• Salesforce organization info
• Object, field, picklist value counts
• Users (name, email, company name, ID URL, Salesforce ID, Last login date, title, department, division, employee number)
• All metadata details (describe API, list API)
No. We only import your object metadata when you connect to let you pick and choose what you’d like to import and document.
Only once you choose to import specific objects into Spekit from the Manage Objects page do we import the associated fields and picklists.
No. Our Salesforce integration only requires the “Modify Metadata” permission enabled. The application does not require “Modify all Data” permission which would grant access to your customer data stored in Salesforce.
Our Director of Engineering is primarily responsible for information security and can be contacted at firstname.lastname@example.org.
Not at this stage. Our mid-term goals include ISO 27001 certification. Since we don’t pull any financial information, SOC 2 is not relevant to us.
Does Spekit use any third parties in providing this service? What are they and how does each service interacts with customer data?
What procedures does Spekit have in place to determine whether a third party should have access to your customers’ data?
We don’t provide third-parties access to our customer data directly. The only access they get is in context of the services provided by the respective applications.
Amazon US East 2 (Ohio) and our office in San Francisco, CA.
How does the Spekit platform connect to customer systems? How are authentication credentials or tokens protected within the boundaries of your system?
We connect via Salesforce OAuth and store the refresh token from Salesforce in our database. We use transport and storage level security (TLS and AES256).
Data is encrypted in transit (HTTPS) and in storage (AES256). The metadata from your Salesforce org stored in ElasticSearch is not encrypted, however, it is password protected and firewalled.
Yes! You absolutely can.
Paste this address in your Chrome bar:
Scroll to the “Permissions” section and choose “On specific sites” from the column toggle.
Note that if you do this, turning Spekit icons on new sites won’t work unless you add that site to the list here as well.
1. Our app is hosted on AWS EC2 and uses RDS for data storage
2. Our servers and databases are behind firewalls and Intrusion Prevention Software
3. Access to our servers is limited to certain whitelisted IPs
Databases can currently only be accessed from our application servers. The credentials to the servers and databases are provided on a strictly need basis.
The application can have certain administrative users for customer support roles. These users will be restricted to using the application via web and/or mobile interfaces and will not be able to access the underlying servers and/or databases directly.
1. The production databases are hosted on AWS RDS and as such, it is not possible to access the underlying operating system. The databases are currently only accessible via the application servers.
2. The application servers can be accessed from certain whitelisted IP addresses via SSH
Is there a process for Spekit employees to request and provision access to production infrastructure?
All requests for privilege escalation and/or access to the production infrastructure go through the Tech Lead, the CPO and the CEO.
Yes, we have a quarterly review of access privileges and plan to make this more frequent as our team grows.
What steps has Spekit taken to prevent the introduction of malicious software to employee workstations and production servers?
Our production servers are hosted by AWS and are behind firewalls and Intrusion Prevention Software.
Our employees: 1) Have two-factor authentication enabled on all sites that support it, 2) Are aware of phishing attacks and other common vectors, 3) Must gain approval before installing any third-party software on Spekit systems
We have a quarterly online security awareness training that all employees must take.
What is Spekit’s security incident response process, including procedures for capturing, documenting, and remediating incidents or breaches of customer data?
We are in the process of setting up log analytics for our infrastructure. Once this system is up, we will configure automated alerts to detect anomalous behaviour. Once such an alert is generated, the Tech Lead will investigate the issue to determine the threat level. If an issue is discovered, a notification will be generated internally and will trigger our client information sharing procedures. The Tech Lead will meanwhile focus the energies of the team on mitigating the issue (based on the threat level). Periodic updates will be shared as deemed necessary. And once the incident has been resolved, a summary will be released.
We have applied for Privacy Shield and hope for to be certified in the next few months.
We do not have segregated duties between developers and server admins. As a result of this, our change management process is tightly coupled with ensuring security and compliance under the purview of our CPO and Tech Lead.
For changes to the Spekit platform, explicit approval is required from either the CPO, CEO or Tech Lead as a part of our agile development process. Requests and approvals are documented in our project management system of record.
Yes. We conduct both end-to-end functional QA and regression tests on our internal staging environments (including testing Salesforce integrations) before releasing new functionality to production.
There are two types of Spekit accounts:
Connected to Spekit using Salesforce OAuth 2.0 (allows users to login with Salesforce login and password)
Connected via Spekit email and password.
For users who have signed up or been invited via Spekit email/password, we provide enhanced security measures such as:
Notifications for successful/unsuccessful login events
Prevent users from reusing passwords
Password complexity policy
Disabled outdated TLS 1.0 standards to boost security
As an admin, you can re-sync metadata from your Salesforce org at any time by going to the Accounts section and clicking “Manual resync”.
You may be asked to re-authenticate your org by logging into Salesforce.
Behavior upon re-sync:
- New Objects: New objects will show up in the Manage Objects section (accessible from Accounts).
- New Fields: New fields that belong to previously imported objects will show up as new terms in the Data Wiki.
- New Picklist Values:
- For picklist values you haven’t imported: We will show you the updated list of values available for import upon re-sync.
- For picklist values you HAVE imported – we aren’t pulling in any additions on re-sync right now. Upcoming fix: 1) You re-sync 2) We detect that you’ve added new picklist values to a previously imported set 3) We autoimport the new values”
The associated Spekit terms remain unchanged in the Data Wiki even if you delete them in Salesforce.
Coming soon: We have a feature upcoming that marks all deleted objects, fields and picklist values in your org as “Retired” and auto-hides them from end users upon re-sync. We won’t delete so that you don’t lose any information against the old terms, and as an admin, you will be able to filter in and view these “Retired” terms.
Since we use the API Name as the unique identifier to import terms, renaming the API Name/Name will create a second term in Spekit with the new API Name/Name upon re-sync.
Upcoming feature: Ability to manually mark duplicate values as retired
Upon re-sync, we will update the label of the associated term in Spekit to reflect your changes in Salesforce.
Upon re-sync, we’ll reflect the updated Data Type in Spekit.
Note that if you change a field with Data Type = Picklist to another Data Type, any previously imported picklist values will not be removed when you update the Data Type.
Yes, you can! We provide excel import and export via the Settings section.
Please note that right now, you cannot upload docs into Spekit – just embedded videos, images and links.
Yes, you can connect with a System Administrator profile user that has a non-English language setting. However, please note:
- Standard field labels will be imported in English
- Custom objects will be in the language you use
To try with your own org, sign up for a demo and follow instructions to “Connect your Salesforce”.
If you’d like to un-hide these fields, simply go to filters and toggle on “Show hidden terms.” Now you’ll be able to see the hidden fields and click the “eye” icon to unhide the ones you want.
Exception: This only applies to newly imported objects as of August 15, 2018. It doesn’t apply to objects that were imp0rted before we released this enhancement (pre-August 15, 2018). If you’d like to hide these fields please search > bulk select > mark as hidden.
Data Wiki cards can be added by any Spekit Admins or Data Expert in the data wiki in two easy steps:
- Use the drop-down menu to add a new card
2. Add your details:
3. Use the search bar or navigation tab to find all your custom cards easily
With custom columns, you can add custom, company-specific information to existing fields, objects or other metadata in your Data Wiki. In other words, it’s a streamlined way to extend the benefits of the Spekit data dictionary to other parts of your business.
Here are some use cases to get you started:
- Source: Do you struggle to figure out how a particular field is populated? Create a column to store the original source of that data, ex: Is it from a website sign-up form or is it manually entered data?
- Mappings: Store mappings between Salesforce API names and other internal databases or system API names to make it easier for anyone in your company to work on a report or integration.
- GDPR compliance: Keep track of which fields or objects in your Salesforce org store personal data.
- External Links: Add links to external documentation related to your metadata at the field, picklist or object-level, ex: Training modules in Trailhead, and tickets in JIRA/Confluence or Cases.
- Custom definitions by team: Store relevant info catering to different audiences, ex: a “Retail Sales Definition” column.
- Synonyms: Do you use certain terms interchangeably? Add a column for synonyms so that Spekit can easily pull up matches regardless of what term the user searched.
Custom columns can be added by Spekit Admins to all terms, or to a single term type. For example, you may just want to track that data point for objects and not for fields or picklist values.
Custom columns and their data can be viewed by all users. Once added, the new data point will appear in the expanded when clicking on a term. Text can be added to the custom columns in the same way that the definition or business rule is updated by clicking the edit button.
You can also use the column toggle to display new columns in the main Data Wiki.
There are multiple ways to add an image to Spekit. Here’s how:
From the web or box:
Right-click an image + Copy Image Address.
Paste image address with .jpeg or .png format into the rich text editor in Spekit.
From Google Drive:
Use this link format:
- Upload your image to your Google Drive Folder
- Open the file to get the ID:
- Copy this link into the image upload box in Spekit and replace the XXXXX with your image ID