Data 360 Lineage For Trusted Numbers
Two reports. Two very differentnumbers. One very uncomfortable meeting. That scenario plays out in revenue reviews, board updates, and pipeline calls more often than most teams admit. When it does, the instinct is to find the right number. The better instinct is to find out why two different numbers existed in the first place. What lineage actually solves in executive reporting The word lineage sounds technical (and maybe a bit historical), but the problems it solves are completely opposite of it. When a metric is wrong, or when two teams are working from different versions of the same metric, the question that matters is not which number is correct. It is: where did this number come from, what touched it along the way, and when did it last change. Lineage answers that question. It creates a traceable record from source data through transformations to the final figure that appears in a report or dashboard. Without it, root-cause analysis turns into a conversation where everyone points at a different system and nobody can prove anything. For decision makers, lineage is the difference between a reporting dispute that takes three days to resolve and one that takes three hours. How to operationalize lineage in governance Lineage by itself is a record. The practical starting point is mapping critical KPIs to their upstream sources. Not every metric needs deep lineage documentation. The ones that drive decisions, that appear in board reporting, that tie to revenue targets or customer commitments, those need a clear owner, a known source, and a documented transformation path. Once that map exists, the next step is defining what triggers a review. A source schema change. A calculation update. A new data connector going live. These are the moments when lineage documentation needs to be updated and when stakeholders need to know that a metric may have changed its meaning even if the number looks similar. Building this into standard change management processes is what separates teams that prevent reporting disputes from teams that spend Monday mornings resolving them. Who owns sources, transformations, and activation One of the more uncomfortable questions lineage surfaces is ownership. When data moves from a source system through a transformation layer and into a report or segment, each step should have a named owner. In practice, it often does not. Source data is owned by whoever manages the integration. Transformations were built by a developer who may no longer be on the team. The report is owned by whoever uses it most frequently, which is not the same as owning the data behind it. Data 360 supports explicit ownership assignment across sources, calculated insights, and activation targets. The governance value of that is not just administrative tidiness. It means that when a number changes unexpectedly, there is a clear escalation path. Someone is accountable for each layer. For RevOps and IT leaders, building that ownership map into onboarding for new data assets is a significantly more effective practice than reconstructing it after a reporting incident. Change control for analytics and segments Segments built in Data 360 can drive marketing journeys, sales prioritization, service routing, and AI agent behavior. When a segment definition changes, the downstream effects can be substantial. A change to an audience filter might quietly exclude a large group of high-value accounts from a nurture sequence. A modified calculation might shift how pipeline is categorised in forecasting. Change control for analytics assets follows the same logic as change control for code. Document what changed. Note who approved it. Record what the definition was before. Make it recoverable. Data 360 Unified Lineage gives this process its foundation by logging transformations and activation events. The approval workflow and the communication to stakeholders still requires a deliberate governance decision. Validation checks before activating new data A new data source going into production without validation checks is a common source of metric drift that nobody notices for weeks. The ingestion works. The records land. The numbers look plausible. But the field mapping is slightly off, the identity resolution rules do not account for a quality issue in the source, and slowly the unified profile becomes less accurate than the system it was meant to improve. Adding validation checkpoints before activating new data is not a significant overhead. It is a comparison of expected record counts, a check on field completeness, a review of identity resolution match rates before the new source is used in reporting or segmentation. Building this into the activation workflow rather than treating it as an optional QA step is what keeps lineage trustworthy over time. A lineage record that shows a clean path through a poorly validated source is not governance. It is a well-documented mistake. What decision makers should prioritize Reporting trust is a business problem with a governance solution. The technical capabilities to track, audit, and govern data from source to activation exist in the platform. What requires a leadership decision is the commitment to build ownership, change control, and validation into standard operating practice rather than treating them as documentation exercises that happen after something breaks. The organizations that do this well tend to share one common trait. They decide that a reporting dispute costs more than the governance process that prevents it, and they act on that before the dispute happens rather than after. Map critical KPIs to their upstream sources and assign a named owner to each layer Define what events trigger a lineage review and communicate changes to stakeholders proactively Add validation checks to the activation workflow so new data earns its place in reporting before it influences decisions Trust in data improves when data has a paper trail, and a paper trail only exists if someone decided it was worth building. TrueSolv can build a lineage-first reporting governance model for your Salesforce and Data 360 environment. Follow our newsletter for data and CRM operations topics. Contact us.
Salesforce External Client Apps Integration
Most Salesforce orgs have integrations that nobody fully owns. They were built by a consultant who left, configured by an admin who no longer remembers the details, and authenticated with credentials that nobody rotates. They work, so nobody touches them. But now Salesforce just made it a lot harder to ignore. The integration sprawl nobody talks about When teams evaluate their Salesforce stack, they focus on licences, features, and adoption. Integrations sit in the background doing their job until they do not. Then everyone scrambles to find the person who built it, locate the credentials, and understand what it even does. This is common. A mid-size org running Salesforce for several years typically has dozens of active integrations. ERP connectors, marketing platforms, data enrichment tools, internal APIs, partner feeds. Each one was set up for a reason. Very few of them were set up with a clear owner, a documented auth pattern, or a rotation schedule. Shared credentials mean a breach in one system can pivot into Salesforce. Unused integrations with live tokens are open doors. Integrations running on admin user accounts are a compliance issue waiting to surface. Why Connected Apps became a governance headache Connected Apps have been the standard way to give external systems access to Salesforce for years. They work. But they were built for a simpler era when integration landscapes were smaller and security expectations were lower. The core problem with Connected Apps at scale is visibility. They are globally available by default, meaning any external system can attempt to authenticate against your org once a Connected App exists. Developer settings and admin policies were intertwined, making it difficult to separate who was responsible for what. And because they were easy to create, orgs ended up with a lot of them, many with broader OAuth scopes than the integration actually needed. The result is a long list of Connected Apps in Setup, some active, some dormant, most with unclear ownership, and a few with permissions that made sense in 2019 and look alarming today. What External Client Apps actually fix Salesforce introduced External Client Apps as the next generation of integration framework, and the design decisions reflect real governance priorities rather than just technical modernisation. The most important change is the default posture. Unlike Connected Apps, an External Client App cannot be used to authenticate against an org unless it is explicitly installed or defined there. Shadow connections, where an external tool authenticates without an architect or admin ever deliberately permitting it, are no longer possible with this model. The second significant change is role separation. Connected Apps blurred the line between the developer who built the integration and the admin who managed it. External Client Apps formalise two distinct configuration layers. Developers define what the app is capable of. Admins in each org control when and how it is used. That separation creates clear ownership, which is what governance actually requires. Third, External Client Apps are built for modern authentication patterns. Older flows that embedded credentials directly are no longer supported. The model enforces explicit client identity, modern OAuth flows, and clear boundaries between authentication, authorisation, and policy enforcement. What this means for your integration register The shift to External Client Apps is an opportunity to build something most orgs are missing: a documented integration register. Not a spreadsheet someone made two years ago. An actual record of every system connecting to Salesforce, with the following information attached to each entry: System name and business purpose. Integration owner, both technical and business-side. Authentication type and OAuth flows in use. Scopes granted and whether they are proportionate to the function. Token rotation schedule and last rotation date. Whether credentials are shared with other integrations or systems. Risk classification: what data can this integration read, write, or delete. This is not an extensive project. Most of the information already exists somewhere. The work is centralising it, assigning owners, and making it part of standard operational practice rather than a one-time audit exercise. Building an approval flow for new integrations One pattern that pays off quickly is a lightweight approval process for new integrations before they go live. Not a bureaucratic gate, but a structured conversation that covers the basics. What does this integration need to access in Salesforce and why. Which authentication flow will it use. Who owns it on both the vendor side and the internal side. What is the plan when credentials need to rotate or the vendor relationship ends. External Client Apps support this pattern well because the separation between developer configuration and admin policy means there is a natural checkpoint. The integration has to be explicitly admitted into the org. That moment is the right time to answer these questions rather than after the fact. Token rotation and monitoring as standard practice Credential rotation is one of those practices most teams agree with in principle and very few apply consistently. With integrations, the problem is that rotation requires coordination between Salesforce, the external system, and whoever manages that vendor relationship. It is easy to defer. External Client Apps support automated credential rotation through the Metadata API, which removes much of the manual friction. For teams running DevOps pipelines, this means rotation can become part of standard operations rather than a quarterly reminder that gets ignored. On the monitoring side, Setup Audit Trail logs policy and setting updates for External Client Apps. Pairing that with event monitoring on API access gives you a clearer picture of what each integration is actually doing versus what it is permitted to do. Anomalies become visible. Dormant integrations surface. Over-permissioned apps become easier to identify and fix. Migration considerations for existing Connected Apps Salesforce has provided a migration path from Connected Apps to External Client Apps, and the trajectory of the platform makes it clear that External Client Apps are the long-term model. That does not mean everything needs to migrate immediately. Working integrations that are not causing governance problems do not need to be touched
