Cloud Pages implementation for Canada based Infrasutrcure company

Overview

Perigeon partnered with a leading infrastructure company in Canada to streamline how external users submit and manage sales opportunities in Salesforce. The objective was to create a public-facing portal that allows users to submit opportunities securely without requiring a login, while still maintaining control, validation, and data protection. The solution was delivered using Salesforce Experience Cloud and Lightning Web Components (LWC), ensuring a balance of usability, automation, and enterprise-grade security.

Project Objective

The client wanted to eliminate manual entry of partner-submitted opportunities and reduce dependency on internal teams for data collection. Their goals were:

Provide a public interface for opportunity submission without login.
Maintain tight validation and access control to prevent misuse.
Allow users to update opportunities after submission via a secure link.
Ensure real-time visibility and alerts to internal Salesforce users.
Protect the platform from unauthorized or malicious submissions.

Solution Summary

Perigeon developed a custom Salesforce Experience Cloud site with advanced logic that enabled:

Secure, no-login opportunity submission via a custom LWC form.
Validation against email/domain rules before opportunity creation.
Automatic emails with secure, one-time edit links post-submission.
Role-based notification system to alert Salesforce users of all activity.
Logging and monitoring tools for transparency and audit compliance.

Public Opportunity Submission Portal

At the heart of the solution was a custom Experience Cloud page, accessible without login, that allowed users to submit opportunities via a Lightning Web Component (LWC) form. Key capabilities included:

Input validation (required fields, formats, and business rules).
Bot/spam prevention mechanisms (e.g., CAPTCHA, throttling).
Friendly and accessible UI design for non-technical users.
Form-level error handling and success feedback.

Only submissions from verified users (email/domain whitelist) were allowed to proceed.

Identity Validation & Access Control

Before any opportunity was created in Salesforce:

The system validated the user using backend rules such as:

Email domain matching.
Lookup against a whitelist or reference object.
Context-based rules (industry, region, etc.).

If validation failed:

The opportunity was not created.
An email alert with detailed metadata (email, IP, timestamp) was sent to Salesforce Admins.
The attempt was logged for audit purposes.

This ensured unauthorized users were blocked at the gate without compromising UX.

One-Time Update Link via Email

Once an opportunity was successfully created:

The system generated a unique, secure URL for the user to make updates.

This link was:

Token-protected
Time-bound (e.g., valid for 48 hours)
Time-bound (e.g., valid for 48 hours)

The email included:

A summary of the submission.
A link to access a dedicated page for editing limited fields (like contact info, comments, or budget).
Instructions and expiry warnings.

This gave users flexibility without requiring login credentials, and ensured the data remained accurate and timely.

Salesforce Notifications & Automation

Internal Salesforce users were kept informed at each step:

When a new opportunity was created via the public portal.
When a user updated an existing opportunity.
When an unauthorized attempt was blocked.

Perigeon implemented:

Email alerts to Admins and Opportunity Owners.

Task or Chatter creation in Salesforce (optional).

System jobs for link expiration and cleanup.

This enabled a real-time operational flow between external users and internal stakeholders.

Security & Compliance Framework

Security was built into every layer of the implementation:

Unique secure tokens for link-based access.
Backend validations to prevent URL tampering.
Expiration policies to invalidate links after time or use.
CAPTCHA integration to block automated bots.
Audit logs stored in a custom object for transparency.

Perigeon ensured the solution met enterprise-grade security standards while remaining user-friendly for external contributors.

Impact and Results

Metrics Table

Metric	Before Implementation	After Implementation
Manual Data Entry	100% internal effort	Fully automated via portal
Opportunity Submission Time	2–3 days (avg)	<15 minutes
Unauthorized Access	Difficult to track	Real-time alerts and logs
User Experience	Complex login and follow-ups	Simple, no-login access
Admin Overhead	High	Reduced by over 60%

Agile Process

Our team followed a structured Agile methodology to ensure rapid development, controlled iterations, and continuous alignment with the client’s business goals.

Requirement Workshops

Conducted sprint-level requirement discussions with business and IT teams to finalise Cloud Pages user journeys.

Iterative Development

Delivered Cloud Pages features—including identity validation, update links, and automation—in multiple sprints for quick feedback loops.

Sprint Reviews & Demos

Demonstrated every functional increment to stakeholders, enabling early refinements and reducing rework.

Collaborative Delivery

Daily stand-ups ensured consistent coordination between the Salesforce, Experience Cloud, and automation teams.

Salesforce QA Process

A dedicated Salesforce QA framework was followed to ensure reliability, accuracy, and compliance.

Functional Testing

Validated access rules, email token logic, submission flows, and automated notifications.

Security Validation

Verified guest user permissions, record access, and secure data exposure through Experience Cloud.

Integration Testing

Ensured smooth interaction between Salesforce data, validation logic, and automated email templates.

Regression Testing

Conducted end-to-end cycle runs after every sprint to maintain stability as new Cloud Pages features were added.

UAT Support

Provided structured testing scripts for client-side validation before production deployment.

Conclusion

Perigeon successfully delivered a secure, scalable, and intuitive Experience Cloud implementation tailored for external users. By combining thoughtful UX with strong backend logic, token-based security, and real-time alerts, the solution enables the client to collect and manage opportunities with confidence. This case stands as a testament to Perigeon’s ability to deliver innovative Salesforce solutions that meet real business needs, reduce operational friction, and enhance platform governance.

Frequently asked questions

What business problems did CloudPages automation solve for the client?

CloudPages automation eliminated the need for manual entry of partner-submitted opportunities, significantly reducing internal effort and delays. The solution:

Automated opportunity submission from external users
Reduced submission time from days to minutes
Improved data accuracy through built-in validation
Provided real-time visibility into new and updated opportunities
Lowered administrative overhead by over 60%

This streamlined the entire opportunity intake process while maintaining control and governance.

How secure are CloudPages and the opportunity submission portal?

The portal is designed with enterprise-grade security at every layer:

Email and domain-based user validation
Token-protected, time-bound one-time access links
CAPTCHA and throttling to prevent bots and spam
Backend rules to prevent URL tampering
Detailed audit logs capturing IP address, timestamps, and metadata

Unauthorized attempts are blocked immediately and alerted to Salesforce Admins, ensuring platform protection without impacting user experience.

Can the client customize CloudPages in the future?

Yes. The solution is built using Salesforce Experience Cloud and Lightning Web Components (LWC), making it highly configurable and extensible. The client can:

Modify form fields and validation rules
Add new business logic or workflows
Customize UI and branding
Extend automation and notification rules

This ensures the platform can evolve alongside changing business needs.

Does the solution support multilingual or multi-region use?

The architecture supports multi-region and multilingual expansion through:

Configurable validation rules based on region or industry
Salesforce localization capabilities
Dynamic content handling within Experience Cloud

This allows the client to scale the portal for global or region-specific use cases without redesigning the solution.

How does the system handle duplicate or incorrect submissions?

The system prevents incorrect or duplicate submissions through:

Field-level and business-rule validations
Email and domain whitelisting
Backend checks before opportunity creation
Real-time rejection of invalid submissions
Logging of failed attempts for audit and review

If validation fails, the opportunity is not created and admins receive detailed alerts.

What type of notifications are enabled in the system?

The solution includes a role-based notification framework, enabling:

Email alerts when a new opportunity is submitted
Notifications when an opportunity is updated via the secure link
Alerts for blocked or unauthorized submission attempts
Optional task or Chatter creation in Salesforce

This ensures internal teams stay informed and can act immediately on external activity.

Have an Idea ?

We’d Love to Hear from you.

(*) Asterisk denotes mandatory fields

Success Stories

Discover how our innovative app and web solutions have driven growth for our clients. Experience enhanced engagement and measurable success. Partner with us for transformative results.