Last June I was one of the presenters at Integrate 2017. And man, I had a blast! Can’t thank enough Theta for sponsoring me going to the event, and Biztalk360 for having me as presenter. It was an amazing experience…
Today the video of my presentation has been published. So go check it out and also check out the amazing presentations on this year’s edition.
Putting theory into Practice
I choose this topic after talking to Saravana Kumar, Biztalk360 founder, which was looking for some topics about BizTalk to balance out the conference. But since coming back from London, I keep bumping into real cases where the power of BizTalk combined Azure components made created the perfect solution. One of the scenarios I am working at the moment looks like this:
In this scenario, SalesForce needs to integrate with a Legacy CRM application on-prem. The client already uses BizTalk to integrate a couple of on-prem systems, including CRM application, which recently had an API layer implemented.
The early designs for that solution was to use logic apps to integrate with SalesForce both ways, but that would have a cost implication because of the polling approach required and, to a lesser extent, to the number of API calls to SalesForce. SalesForce have a maximum number of API calls based on the number of licenses, and although this solution wouldn’t make a big enough dent on that to be of concern, it was another dimension to take in consideration during design.
Discussing with the SalesForce developer, I found that SalesForce had the ability of executing outbound calls to a SOAP endpoint (1). So I suggested to leverage from BizTalk’s ability to integrate with Azure Relays (2). From there integrate with the CRM API (3,4,5) was known, as we had done that before.
In order to integrate BizTalk to SalesForce, for example to enrich the message with extra information from SalesForce (2a), or to return updates form the CRM application (6), we decided that this was a good place to leverage from Logic Apps. The main reason for that was how fast was to implement the integration with SalesForce from Logic Apps, using the SalesForce connector (7).
The best of all of this was that we could try variations of the approaches on our sandbox and prove what could work or not, adjusting and finding the best solutions in a couple of hours, during a brainstorm session. How about that for agile?
Securing SalesForce Calls to BizTalk
Next step on this discussion was security. Initially I thought about securing the transport using client certificates. But I was not sure about the implications of that when using the AzureRelay. RelayTokens would also create its own challenges, as we were using outbound messages, and were trying to keep SalesForce without code customizations as much as possible. Researching about this took me to this article from Richard Seroter, where he suggests that we can secure this call using a shared secret.
We decided to go this route and created a simple pipeline component that validated the secret, rejecting messages that didn’t provided the secret.
Securing BizTalk calls to Logic Apps
In order to secure the logic apps that would be called by BizTalk, we used the IP filtering approach. This way, only calls initiated from company’s public IP would be accepted by Logic Apps. This was good enough for the proof of concept, but for final implementation, we might use a similar approach used to secure the SalesForce interface, and add a shared secret, to guarantee that only calls coming from authorized sources can be executed.
It was quite interesting to start identifying hybrid integration scenarios that expanded beyond the BizTalk + Logic Apps Dynamic Duo. In the scenario above, I found and option that was fit for purpose, cost effective and provided a good performance. Not bad for a couple of hours research.
For me, the biggest advantages of Microsoft integration space right now, is the wide range of choices available. We just need to be aware of the options and make sure that we keep them in mind while designing hybrid solutions.
I hope you enjoyed the post, and see you next time!