Set Up the Agentforce Sales Agent for Gemini (Beta)

To bring your Salesforce data into Gemini so your sellers can research, strategize, and close more deals, turn on the Agentforce Sales Agent for Gemini and complete the setup in Salesforce and Gemini.

Required Editions

Turn On Agentforce Sales Agent for Gemini

1. From the gear icon, select Salesforce Go.

2. Search for Agentforce Sales Agent for Gemini (Beta).

3. Go to the Agentforce Sales Agent for Gemini (Beta) page and turn it on.

Create and Configure an External Client App

1. To create an External Client App, go to Setup. On the External Client App Manager page, click New External Client App. 

2. Enter the app name, Gemini Integration. Add your Salesforce email, and leave the Distribution State as Local.

3. Open API (Enable OAuth Settings) and select Enable OAuth.

4. In Callback URL, add these URLs, each on a separate line: 

• https://vertexaisearch.cloud.google.com/oauth-redirect

• https://vertexaisearch.cloud.google.com/static/oauth/oauth.html

5. In OAuth Scopes, select these settings:

• Access Salesforce hosted MCP servers (mcp_api)

• Perform requests at any time (refresh_token, offline_access)

6. Deselect all checkboxes in Flow Enablement.

7. In Security, select only these settings, and uncheck the remaining settings. 

• Require secret for Web Server Flow 

• Require secret for Refresh Token Flow 

• Enable Refresh Token Rotation

• Issue JSON Web Token (JWT)-based access tokens for named users

8. Click Create.

9. Open your newly created ECA, and on the Settings tab, expand OAuth Settings.

10. Click Consumer Key and Secret. Copy and store the values securely to use later when adding the Client Id and Client Secret on the agent card in Gemini.

11. On the Policies tab, expand OAuth Policies. In App Authorizations, change the refresh token validity period from 365 days to 30 days and save.

NOTE: Salesforce requires that you have an access token timeout of one hour or more. Make sure your session timeout meets this requirement, or change the access token timeout in Named User JWT-Based Access Token Settings.

Give Users Access

1. To give users access, enter Permission in the Quick Find box, and then select Permission Sets.

2. Click New.

3. Enter a label, such as Custom Gemini Permission Set, and Save.

4. Return to the External Client App Manager page, and open the ECA you created.

5. On the External Client App Policies tab, under OAuth Policies, set Permitted Users to Admin approved users are pre-authorized. 

6. In Select Permission Sets, add the permission set, then save.

7. Assign the permission set to users who want access to the Agentforce Sales Agent for Gemini.

Add the Agentforce Sales Agent to Gemini

1. To add the Agentforce Sales Agent in Gemini, go to Gemini from the Agentforce Sales Agent for Gemini (Beta) page in Salesforce Go.

2. If your company isn’t subscribed, click the Subscribe button then Go to Gemini Enterprise.

3. Click Apps and select your app.

Note: If you’re setting up in a sandbox org, an app specifically for your sandbox shows in the list .

1. Go to Agents and click Add Agent. Choose the Agents via Marketplace type.

2. Select Agentforce Sales Agent and review the information.

3. For sandbox setup only:

   1. Replace the default Authorization URL with: https://test.salesforce.com/services/oauth2/authorize?prompt=select_account 

   2. Replace the default Token URL with: https://test.salesforce.com/services/oauth2/token

4. Add the Consumer Key and Secret from your Salesforce External Client App in the Gemini Client ID field and Client secret fields, and click Finish.

5. To give users access in Gemini, select the Agentforce Sales Agent and go to the User Permissions tab.