# Anypoint Community Manager Package Post Installation Instructions {% hint style="warning" %} Make sure that [Lightning Web Service is enabled in your organization](https://developer.salesforce.com/docs/platform/lwc/guide/security-lwsec-enable.html). {% endhint %} After installing the Revenium Unmanaged Package within the context of Anypoint Community Manager (ACM), there are a few steps needed before you can use it in your organization. ### Important ACM Pre-Requisites: {% hint style="danger" %} ACM setup requires a scope to be set in the named credential for Anypoint in Salesforce to determine which APIs from Anypoint can be visible in the Revenium package. * Search in Salesforce for "Named Credentials" and the "Anypoint" named credential to verify this is set up correctly (Figure 1). {% endhint %}

You also need to make sure your subscribers in ACM are assigned to a [Team](https://docs.mulesoft.com/access-management/teams) in Anypoint Platform with the following permissions: | Category | Permissions | | ----------- | ----------------------------------------- | | Exchange | Exchange Viewer | | API Manager |

Manage Contracts
View Contracts

| Table 1. Anypoint Team's configuration. {% hint style="warning" %} If you would not like to receive the default Anypoint email notifications [follow this guide](https://help.mulesoft.com/s/article/Disable-Default-Anypoint-Email-Notifications-does-not-work). {% endhint %} ## 1. Updating the Revenium API Credential External Credential {% hint style="danger" %} [Please ensure the **Revenium API Credential** External Credential Principals are enabled in the **Revenium User** Permission Set for proper API access](https://help.salesforce.com/s/articleView?id=xcloud.nc_enable_ext_cred_principal.htm\&type=5). {% endhint %} To ensure seamless integration with Revenium, you must update the **Revenium API Credential** External Credential in Salesforce [with the one you obtained from Revenium](https://docs.revenium.io/ai-and-api-monetization/api-integration-keys). Follow these steps to locate and modify the External Credential: 1. Navigate to **Setup**: * In Salesforce, click the gear icon (**Setup**) in the top-right corner. * Select **Setup** from the dropdown menu. 2. Access **Named Credentials**: * In the Quick Find box on the left sidebar, type "**Named Credentials**". * Select **Named Credentials** under Integrations. 3. Locate the **External Credential**: * On the **Named Credentials** page, find and click on the **Revenium Named Credential**. * On the **Revenium Named Credential** detail page, locate the **External Credentials** section and click on the **Revenium API Credential**. 4. Edit the API key in the Custom Header: * Within the **Revenium API Credential** details, locate the section related to "Custom Header Parameters". * Find the custom header parameter with the name `X-API-KEY`. * Click Edit next to this parameter. * Replace the existing value [with the new API key obtained from Revenium](https://docs.revenium.io/ai-and-api-monetization/api-integration-keys). * Click Save. ## 2. Add Trusted URLs 1. Go to **Setup > Security > Trusted URLs** and click on **New Trusted Site** (Figure 2). 2. Create the required Trusted Sites as described in Table 2.

Trusted Site Name	Trusted Site URL	Active	Context	CSP Directives
Revenium_API_URL	https://api.revenium.io/	Yes	All	Allow site for connect-src, Allow site for frame-src
Stripe_API	https://js.stripe.com	Yes	All	Allow site for connect-src, Allow site for frame-src
Google_Pay	https://pay.google.com	Yes	All	Allow site for connect-src, Allow site for frame-src
Raygun_API	https://cdn.raygun.io	Yes	All	Allow site for connect-src
Revenium_CDN	https://cdn.prod.hcapp.io	Yes	All	Allow site for img-src
Salesforce_Maps	https://maps.a.forceusercontent.com	Yes	All	Allow site for connect-src, Allow site for frame-src

Table 2. Trusted URLs configuration. {% hint style="info" %} If you use external images in your product description fields that support markdown syntax, you need to add the images host to the Trusted URLs configuration with the "Allow site for img-src" option enabled. {% endhint %} ## 3. Configure Remote Site Settings 1. Go to **Setup > Security > Remote Site Settings** and click on **New Remote** Site (Figure 3). 2. Create the required Remote Sites as described in Table 3.

Remote Site Name	Trusted Site URL	Disable Protocol Security	Active
Revenium_API_URL	https://api.revenium.io/profitstream/	Yes	Yes

Table 3. Revenium API Key configuration. ## 4. Assigning Revenium User Permission Set. When using the Revenium Salesforce Package with a Salesforce Profile different from **System Administrator**, you need to assign the Permission Set **Revenium User** to the subscribers under that profile in order to make it work. To do this, go to Setup > Permission Sets > **Revenium User** > Manage Assignments (Figure 4). After that, assign the corresponding Subscribers to it and click **Next** (Figure 5). Finally, select an expiration date if appropriate and click **Assign** (Figure 6).

Figure 4. Permission Set's Manage Assignments button.

Figure 6. Setting an expiration date for the Permission Set.

## 5. Configuring the Guest User and Profile-based Access. When using the Revenium API Commerce Salesforce Package with a **Guest User**, you need to add the permissions specified in Table 4 for the minimum permissions that need to be applied. If your organization requires granting access through standard Salesforce profiles (instead of Permission Sets), you must manually add the required field and object-level permissions to each relevant profile.\ This approach allows you to customize access for different user groups according to your security model. | Name | Type | Permission | | ----------------------------------- | ------------------------------------------- | ---------- | | Current HC Org | Field (Object: User) | Read/edit | | AnypointRepository | Apex Class | Access | | ApplicationsRepository | Apex Class | Access | | AssetsRepository | Apex Class | Access | | CommerceRepository | Apex Class | Access | | CommunityFilterRepository | Apex Class | Access | | DataParserUtil | Apex Class | Access | | DateHelper | Apex Class | Access | | ElementsRepository | Apex Class | Access | | GraphQLRepository | Apex Class | Access | | IntegrationHelper | Apex Class | Access | | InvoicesRepository | Apex Class | Access | | MetricsRepository | Apex Class | Access | | OrganizationsManager | Apex Class | Access | | OrganizationsRepository | Apex Class | Access | | PaymentsRepository | Apex Class | Access | | ProductKeysRepository | Apex Class | Access | | ProductsRepository | Apex Class | Access | | ReveniumRepository | Apex Class | Access | | UserHelper | Apex Class | Access | | UsersRepository | Apex Class | Access | | Revenium\_API\_Credential - API Key | Enable External Credential Principal Access | Enabled | | User External Credentials | Object | Read | Table 4. Required permissions. {% hint style="info" %} This following step applies only to Guest User configuration. Follow it only if your site is enabled for public access and allows guest subscribers. {% endhint %} To continue setting up Guest User access, follow these steps: 1. In Salesforce Setup, enter sites in the Quick Find box and select **All Sites**. 2. Next to the site that you want to access, click **Builder**. 3. In Experience Builder, click the **Settings icon** and select **General**. 4. Under Guest User Profile, click the guest user profile link (Figure 7).

Figure 7. Guest Subscriber profile configuration access.

In the Field-Level Security section you can set the Read/Edit access for the Current RM Org field from the Subscriber object (Figure 8). Moreover, in this profile menu you will see the options to enable access to Apex Classes, Custom Objects and Named Credentials listed in Table 4 (Figure 9).

Figure 8. Current RM Org Field Level Security settings.

Figure 9. Edit Profile access to Apex Classes, Custom Objects and Named Credentials.

Finally, allow the Guest Users to access Private Resources: 1. In the [site's Builder](https://help.salesforce.com/s/articleView?id=experience.community_designer_ui.htm\&language=en_US\&type=5), navigate to **Settings**, then select **General**. 2. Under **Guest User Profile**, click the profile name. 3. Click **System Permissions**. 4. Click **Edit**. 5. Select the **View Private Static Resources** permission and click **Save**. ## 6. Remove the API's standard request access button. {% hint style="danger" %} It is necessary to remove this button so that dev portal Subscribers only receive access to your monetized APIs through the Revenium drop-in storefront. This way you can require payment before access is granted. {% endhint %} In order to remove the API's standard request access button from ACM, shown in Figure 10, please drag and drop the **Remove Source Access** component above the Template footer on the Application Details page of the site (Figure 11).

Figure 10. Standard request access button.

Figure 11. Remove Asset Access component.

## 7. Add products and Sources to your portal. {% hint style="danger" %} Not adding your products and sources to your portal will result in inconsistent behavior in your ACM account and the inability to view contracts in your portal. {% endhint %} Finally, you will need to add the products/sources you have created in Revenium to your ACM portal. To do this, first [create your product](https://docs.revenium.io/user-guide/manage/products#create-a-product) or [source](https://docs.revenium.io/user-guide/manage/assets#create-an-asset) in Revenium. Then, you will need to [synchronize them to your Anypoint's account](https://docs.revenium.io/integrations/mulesoft/anypoint-api-group-synchronization). After this, go to API Community Manager application in Salesforce and then go to the API Curator. Select the site you are working on from the site's dropdown menu shown in Figure 12.

Figure 12. Selecting the site in the API Curator.

Go to the **Sources in Anypoint Exchange** tab. If you've followed the previous steps you should be able to add the product/source to your portal site by searching for its name in the search box, selecting it and then clicking the **Add to your site** button, as depicted in Figure 13. Click **Add** in the following screen prompt.

Figure 13. Adding your product/asset to your portal.

To check that it has been properly added to your site, go to **Sources in your Site** tab and search for your product/source. If there were no errors in the process your product/source should be listed there (Figure 14).

Figure 14. Checking that the product/asset has been added to the site.

Your site is now all set for use with Revenium's ACM integration. ## 8. Set the Revenium API Access Requester button. To ensure a smooth workflow for subscribers requesting access to your API bundles, it's essential to include the "View Available Products" button directly on your API Detail detail page (Figure 15). By placing this component on an source details page, a button will appear that will do two things, 1) return the subscriber to the catalog page including the “Drop-In Storefront” component, 2) filter the list of displayed products in the displayed storefront to show only products that contain the source on the original page that the user was browsing. This allows subscribers who are interested in using a particular API to understand which products they can purchase that include that API. By having the button readily available, subscribers can efficiently access the storefront and request access to the desired API bundles within a single, streamlined experience.

Figure 15. API Access Requester is put in the API detail page.

You also need to provide the API name of the page your storefront is located [by following the instructions outlined in the API Access Requester documentation](https://docs.revenium.io/user-guide/integrations/mulesoft/commerce-lightning-web-components/api-access-requester). By default, the API Access Requester button redirects you to the Home page of your Experience Cloud site. ## 9. Common Issues & Troubleshooting Checklist If the storefront is not working as expected, verify the following:

Step	Item	Common Issue
1	Permission Set Assignment - Ensure the `Revenium_User` permission set is assigned to all Experience Site users, or configure the Site Guest User profile according to the permissions table referenced in “5. Configuring the Guest User and Profile-based Access.”	Users see "Insufficient Privileges" errors
2	Named Credential Configuration - Verify `Revenium_API` Named Credential is properly configured with valid endpoint: https://api.revenium.io/profitstream/	API calls fail or return 401/403 errors
3	External Credential Setup - Confirm `Revenium_API_Credential` External Credential has valid API key	Authentication failures on product/asset retrieval
4	Component Placement - Verify `communityStorefrontContainer` is added to the Experience Site page	Blank page or missing storefront
5	Mulesoft Organization ID - Ensure the correct Org ID is set in component properties	Empty product list or sync failures
6	Tab & Display Options - Review component settings for desired visibility options	Missing tabs or unexpected UI behavior
7	End-to-End Test - Test the full flow with a user who has the permission set assigned	Validates complete configuration