Sometimes a Sandbox will become out of sync with the production environment and therefore needs to be refreshed in order to be useful for accurate testing.

Run mass update for Contacts and Users, append .testing at the end of every email.

Step-by-step guide

The following steps must be followed in order to refresh a Salesforce Sandbox Org to mirror the latest state of a Production Org.

From within the Production Org, select Setup >> Deploy >> Sandboxes
The list of Sandboxes will display, with the ones you can refresh having a Refresh link next to the Sandbox name. Click the Refresh button next to the Sandbox you would like to update
If you want to activate your sandbox immediately after you refresh it, select Auto Activate. In this case, you don’t receive an activation email
Salesforce will start copying data to the Sandbox, and display a status
Once complete the In-Progress link next to the Sandbox name will change to Activate, and an email notification will be sent from Salesforce
When ready select the Activate link. Note: The Sandbox needs to be activated before the refreshed data can be used. Activating a replacement sandbox that was created using the Refresh link, completely deletes the sandbox it is refreshing, and all configuration/data in the previous Sandbox will be lost.

Post refresh

After a sandbox has just been refreshed, it needs to be returned to its previous functional state to use for testing.

Step-by-step guide

The following steps must be followed in order to change all reference points after a refresh.

Update Payment Gateway(s)
1. When Creating a Test Payment Gateway make sure to use a Test Deposit Account
2. Locate all business groups that are connected to a live payment gateway(s) (App Launcher → Administrator app → Business Group tab). See Figure 1.
3. within each Business Group delete the related gateways and create test gateway(s). See Figure 2.
4. Go to the Stores Object, and update all Stores being used with the new payment gateway. See Figure 3.
5. Make sure to add an "X" prefix to the Payment Gateway if you are going to disable one. ( ROE process picks the first gateway alphabetically without checking if it is enable )
  We need to make that change because trying to delete the Payment Gateway throws the following error: 'Cascade dereferencing too many records: occurring when cascading to Receipt records'

Figure 1

Figure 2.

Figure 3.

Store
1. Go to Related List
2. Payment Methods
  1. Make sure the Test Gateway is assigned to each one
Business Group
1. Make Sure it's using a Test Deposit Account
Recreate Scheduled Job(s)
1. Navigate to Setup → Jobs → Scheduled Jobs
2. Delete previously scheduled job(s) and reschedule them again if they need to continue running in the future
Check routing rules
1. Go to the Fonteva Framework tab → Routing Rules and make sure that the "Is Enabled" checkbox are correct. For example, if refreshing a Sandbox from Production, chek that any routing rule enabled in production are enabled in the sandbox, and that any routing rule not enabled in production is also not enabled in the sandbox.
Update Theme(s)
1. Navigate to the Site(s) object → click on Site Name
2. Verify Site is using the correct theme, if not update
3. Navigate to the Business Groups object, and open each Business Group record
4. If a Theme is referenced from within the Business Group, open the theme and then update the Logo URL
Update Custom Label(s)
1. Navigate to Setup → Build → Create → Custom Labels
2. Select the Edit link next to each Custom Label (Note: You can identify the custom labels to update because they will show a Del option in the Action column. See Figure 1
3. Once on the edit screen, update the URL listed in the Value field to reconnect to the appropriate portal site. See Figure 2
  
  Figure 1Figure 2
Add/Update Remote Site Setting
Note: Before any Apex callout can call an external site, that site must be registered in the Remote Site Settings page, or the callout fails.í«í_
1. Navigate to Setup → Administrator → Security Controls → Remote Site Settings
2. Click button for New Remote Site or Edit beside the previously created Remote Site. Change as necessary to point to the appropriate URLs
Update Community Logout URL
1. Type in All Communities from the Quick Find, select the All Communities link, click Manage next to the Community Site name
2. Once in Community Management, click Administration → Login & Registration
3. Enter the correct URL for the logout page under the section Logout
Verify Site & Menu Items URLs
1. Go to > Setup > search All Sites
  1. go to
  2. Related
  3. Community Menu Items
  4. Check that each Community Menu Item external url is pointing to the right Org
Publish the Communities
1. Go to > Setup > search All Sites
  For each of the Active Communities enter:
  1. Builder
  2. Publish
  3. Accept
~~Modify URL Site(s) Redirects~~
1. ~~Type in All Communities from the Quick Find, select the All Communities link, click Manage next to the Community Site name~~
2. ~~Once in Community Management, click Administration → Pages → Go to Force.com~~
3. ~~On the Site Details page, click the URL Redirects button, and update as needed~~
Update links on Site(s) Record(s)
1. Navigate to the Sites object, and select the Site Name to open the Site record.
2. Update all URLs under the Links section.
  - Site URL
  - User Login URL
  - Login Redirect URL
  - User Reset Password URL
  - User Self Registration URL
  - Profile Page URL
Run File Level Security (FLS)
1. Go to Spark Framework >> Dashboard >> Access Manager
2. Run FLS in Access Manager for all profiles that will be used for testing, but exclude CPBase
~~Update Community Groups and Member Records~~
1. ~~Navigate to the Community Groups object. On all Community Group records complete the following updates:~~
  1. ~~Unpublish (Is Published = False) and delete Chatter Group ID~~
  2. ~~Update the Look up to the correct Site on all community groups, click Save~~
  3. ~~Select Edit, and check the box for Is Published which will auto-populate the Chatter Group ID~~
2. ~~Within each Community Group Detail page, navigate to the Community Group Members related list. Open each member's record and complete the following:~~
3. ~~Delete Chatter Member ID~~
  1. ~~Update Role to Deactivated (Is Active = False)~~
  2. ~~Do a mass update and make Role = Active. This will populate the Chatter Group Member ID~~

Additional considerations (typically not applicable)

Update SSO settings
Update any Inbound/Out Bound Integration points, and configurations
If using Chatter Groups, add staff (Standard Platform licensed users) as Managers of the group to allow them to post discussions and files
Update any additional URL fields referenced on Events, Badge Types, Forms, Pages records
Verify Site Event Category is linking to the correct Event Category and Site
If moving over data, append Contact email addresses with .test

Membership App

My Domain

curl:

After a refresh, the connected application access tokens are refreshed by salesforce, hence the consumer application need to log in again through the Salesforce API to get a new access token, so that they can consume it again.

Ex: The Membership app consumes a global picklist from Salesforce by calling at services/data/v53.0/tooling/sobjects/GlobalValueSet/{EntityId}
Ex url with Enhanced Domain: https://aia--testing.sandbox.my.salesforce.com/services/data/v55.0/tooling/sobjects/GlobalValueSet/0Nt1U000000ZJRt

curl https://MyDomainName.my.salesforce.com/services/oauth2/token -d 'grant_type=password' -d 'client_id=consumer-key' -d 'client_secret=consumer-secret' -d 'username=my-login@domain.com' -d 'password=my-password'

{"access_token":"00D5e000001N20Q!ASAAQEDBeG8bOwPu8NWGsvFwWNfqHOp5ZcjMpFsU6yEMxTKdBuRXNzSZ8xGVyAiY8xoy1KYkaadzRlA2F5Zd3JXqLVitOdNS",
 "instance_url":"https://MyDomainName.my.salesforce.com",
 "id":"https://login.salesforce.com/id/00D5e000001N20QEAS/0055e000003E8ooAAC",
 "token_type":"Bearer",
 "issued_at":"1627237872637",
 "signature":"jmaZOgQyqUxFKAesVPsqVfAWxI62O+aH/mJhDrc8KvQ="}

Reference: https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm

Get all connected applications by using this query:

SELECT Id, name, RefreshTokenValidityPeriod FROM ConnectedApplication

Checkout URL

Checkout page configuration:
1. Login to Salesforce
2. Click on app manager, search for Sites
3. Click on AIA Checkout
4. Click on Delete
5. Go back to Sites
6. Click on New
7. Site Name = 'AIA Checkout'
8. Select a Salesforce Community = 'AIA Checkout'
9. Choose a template = 'MemberNation Template'
10. Click on Create Site
Once we have the record site we must get the field site URL and provide it to the AWS adminstrators (Streaver) so they can update it on Amplify on the REACT_APP_SSO_URL environment variable.

Ex URL:
```
https://testing-us-tdm-tso-15eb63ff4c6-1626e-167f0569011.cs40.force.com/aiacheckout/services/auth/sso/Cognito
```
Example URL new Enhanced Domains
Example URL new Enhanced Domains
```
https://aia--testing.sandbox.my.site.com/aiacheckout/services/auth/sso/Cognito
```

Enhanced Domains

Streaver config updates:

Update membership app: REACT_APP_SSO_URL
Update the redirects in lambda
Reset configuration on Heroku connect:
Update Cognito: App client salesforce code authorization flow
1. Callback URL(s)
2. SignOut URL(s)
Update parameter Store keys for Salesforce

CES

There is a record in a metadata call AIA Settings thats need to be updated

Go to Setup
Search for Custom Metadata Types
AIA Settings
Manage Records
1. Edit - Community URL
2. (Enhanced Domains only)Value:
  https://aia–testing.sandbox.my.site.com/Providers/s/store#/store/checkout/
3. Save

In case there is a problem with the checkout page

example:

First we need to check that the Payment Gateway is correct with a correct testing deposit account and attach to the correct records.

If the payment gateway is correct but the error still shows, we need to recreate the Providers Store and update the Providers Community Site with the new Store.

Lastly recreate the site with new Store and correct Payment Gateway and Business Group.

Update Renewal Link url:

Go to Setup > Object Manager
Membership Object
search for Renewal Link Formula
Edit and change the URL to (corresponding env url):

"https://aia--testing.sandbox.my.site.com/Providers/s/#/profile/subscriptions_renew/"

ABI

Update Renewal Link url:

Go to Setup > Object Manager
Membership Object
search for Renewal Link Formula
Edit and change the URL to (corresponding env url):

"https://aia--testing.sandbox.my.site.com/ecommerce/s/#/profile/subscriptions_renew/"

View Document (Receipt PDF redirection URL)

The site URL configuration from the view document button it's based on a record form the Community Site object.
Once the Site records are created we need to get their respective URL's.

Log in to Salesforce
Click on app manager and search for Community Site
Select a page (ex: AIA Checkout)
Edit the Site URL field.

Once updated, we should be redirected correctly.

Heroku

Set up the connection:

Once you have all the required credentials, you would follow these steps:

Go to Setup.
Search for External Data Source in the Quick Find Box.
Click on “New External Datasource”.
Fill in the following data:

Type: Salesforce_Connect: OData 4.0
Url: the url from the Heroku app.
Writable External Objects: checked. This allows us to update the Heroku database from Salesforce.
Format: JSON
Identity Type: Named Principal. This makes it so there is only a set of credentials for the entire org.
Username: client id from the Heroku app.
Password: client secret from the Heroku app.

Click on save.

Email Change Request

Go to > Setup > Search for Custom Metadata Types

Look for AIA_CHANGE_EMAIL_REQUEST_BASE_URL
edit
1. Long Value : (Testing)
  https://account-dev.aia.org/confirm-email-change?token=

Go To > Setup > Search for Deliverability

Update: Access Level : All Email

Changes for Streaver

After a refresh Streaver needs to update the encryption key used on JWT encryption

What changed is the salesforceTokenEncryptionKey en Parameter Store (Streaver)

Streaver side:

Blackbox >
Verify token
Update cognito user info
Hit endpoint: apexrest/V1/emailChangeConfirmation

Auth. Providers

Go To > Setup > Search for Auth. Providers

Search for Cognito
1. Update urls as follow
If it doesn’t exist create it as follow

Test-Only Initialization URL	https://aia--testing.sandbox.my.salesforce.com/services/auth/test/Cognito
Single Sign-On Initialization URL	https://aia--testing.sandbox.my.salesforce.com/services/auth/sso/Cognito
Existing User Linking URL	https://aia--testing.sandbox.my.salesforce.com/services/auth/link/Cognito
OAuth-Only Initialization URL	https://aia--testing.sandbox.my.salesforce.com/services/auth/oauth/Cognito
Callback URL	https://aia--testing.sandbox.my.salesforce.com/services/authcallback/Cognito
Single Logout URL	https://aia--testing.sandbox.my.salesforce.com/services/auth/rp/oidc/logout

This is for Testing environment

Events (to do)

Go to Setup > Object Manager > Search for Event object

Fields & Relationships
Search for 'Event URL'
Edit the formula to use the correct environment URL
Save

Set up redirection URL's on the corresponding custom settings.

Duplicate Check (Deployment notes)

Export the DC Setup (via DC Setup > import/export configuration).

https://plauti.com/support/1166028-export-import-duplicate-check-configuration

Any fields (formula fields, long text area fields for merging etc) created that are used in Duplicate Check (so used in a scenario, result fields, merge rules, search index location), need to be created with the exact same (API)name.

Make sure you set up all permissions for the admins and end-users.

For end-users you normally do not give access to DC Setup and DC Job.

Do give everyone access to all DC objects and DC Apex classes.

https://plauti.com/support/1165809-profile-settings-access-rights-for-users (basically makes sure that not everyone has access to all dc tabs (step 5).

If you use custom objects with Duplicate Check, make sure you have the trigger and test class for deployment.

https://plauti.com/support/1164021-1164021-how-to-use-duplicate-check-with-a-custom-object-in-salesforce-lightning

Marketing Cloud (to do)

Universal Login (to do)

Page:

How to refresh a sandbox
Page:

How to reinstall AIA branded event CSS
Page:

How to check major system updates and status
Page:

How to set up an event that spans the end of the year
Page:

Fonteva event schedule times are off in Boomset

Step-by-step guide

Post refresh

Step-by-step guide

Membership App

Enhanced Domains

CES

ABI

View Document (Receipt PDF redirection URL)

Heroku

Set up the connection:

Email Change Request

Changes for Streaver

Auth. Providers

Events (to do)

Duplicate Check (Deployment notes)

Marketing Cloud (to do)Universal Login (to do)

Marketing Cloud (to do)

Universal Login (to do)

Browser not supported