Functionalities
Identity Integration
Product Feature |
Supported |
---|---|
Authenticate User |
No |
Validate User |
Yes |
Enable/Disable User |
Yes |
Reset Password |
Yes |
Expire Password Immediately |
No |
Expire Password by Date |
No |
Provisioning Integration
Data Format |
Export |
Create |
Modify |
Delete |
Trigger |
User |
Yes |
Yes |
Yes |
No |
No |
Contact |
Yes |
Yes |
Yes |
Yes |
No |
ExternalUser |
Yes |
Yes |
Yes |
Yes |
No |
Profile |
Yes |
No |
Yes |
Yes |
No |
UserRole |
Yes |
Yes |
Yes |
Yes |
No |
Prerequisites
Ensure that these prerequisites are satisfied:
- Salesforce access is available.
- A developer account that can be used to establish a connection and has authority to manage objects in the Salesforce.
- A Connected Application is created in Salesforce by following the steps below.
Create X.509 certificate:
Execute the following commands using OpenSSL:
openssl genrsa -des3 -passout pass:password -out server.pass.key 2048
openssl rsa -passin pass:password -in server.pass.key -out server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
Create Service Account Private Key:
- The private key and password are required to create the Salesforce REST connected system in Identity. Salesforce REST Connector expects the private key in the PFX format. So, create the private key in PFX format from the certificate created above using OpenSSL:
openssl pkcs12 -export -name signedcert -in server.crt -inkey server.key -out keystore.p12 -passout pass:notasecret
2. Use this key and password as the Service Account Private Key and Private Key Password in the Connected System details page.
Create Salesforce Connected Application:
- Login using the developer account to Salesforce at https://login.salesforce.com/ and then navigate to "Setup”.
- In the navigation bar on the left-hand side, under PLATFORM TOOLS -> Apps -> App Manager, select App Manager and use New Connected App button.
3. Fill in the basic information.
4. Under API (Enable OAuth Settings) section, check the Enable OAuth Settings and Use digital signatures checkboxes.
5. Upload the certificate (server.crt) from previous step.
6. Configure the Callback URL.
7. Configure OAuth scopes based on the connector requirements. ‘Perform requests on your behalf at any time’ is required.
8. Click Save.
9. Once saved, the Consumer Key will be displayed on the details page. This is required while creating the connected system.
Grant Access to Connected Application:
- In the navigation bar on the left-hand side, under PLATFORM TOOLS -> Apps -> Connected Apps -> Manage Connected Apps.
2. Click Edit against the newly created App.
3. Choose ‘Admin approved users are pre-authorized’ for ‘Permitted Users’.
4. Save.
5. Save will return to the Manage Connected Apps page.
6. Click on the label link for the new App.
7. Go to Profiles section, click Manage Profiles button and assign the required profile.
8. In the navigation bar on the left-hand side, go to ADMINISTRATION > Users > Profiles.
9. Use Edit button for the Profile associated to the App.
10. Go to Connected App Access section.
11. Check the check box corresponding to the new App.
12. Save.
Create the Salesforce REST connected system in the Admin UI
- Log in to Identity Administration and click the Systems tab.
- On the Connected System View page, click the Add button and select Salesforce REST from the Type drop-down list. The Connected System Details page displays the default values:
Only configurations which are specific to Salesforce REST is documented below. For an overview of the configuration which are common to all connectors, please refer to our link to “connected systems guide”.
Connection Information |
|
Salesforce Service URL |
The URL of the custom domain. Eg. https://fi-connector-test.my.salesforce.com |
Authorization Server URL |
The URL that is used to make authorization requests to Salesforce. The default value is https://login.salesforce.com |
Account Email |
The email of the developer account. |
Consumer key |
Enter the consumer key obtained from Salesforce. |
Service Account Private Key |
Select the Service Account Private key created. |
Private Key Password |
Enter the password of Service Account Private key. |
Connection Timeout |
Number of seconds to wait for completion of an API call to Salesforce REST before timing out. |
3. Enter the desired information and click Add.
Creating the Salesforce REST connected system in Studio
- Log in to the Workflow and Connectivity Studio and click Connectivity -> Add Systems on the menu bar. The Add Connected Systems window displays.
- Select Salesforce REST from the Type drop-down list. The default values display.
-
Enter the required information. Only configurations which are specific to Salesforce REST will be documented below. For an overview of the configuration which are common to all connectors, please refer to our link to “connected systems guide”.
Connection Information
Salesforce Service URL
The URL of the custom domain. Eg. https://fi-connector-test.my.salesforce.com
Authorization Server URL
The URL that is used to make authorization requests to Salesforce. The default value is https://login.salesforce.com
Account Email
The email of the developer account.
Consumer key
Enter the consumer key obtained from Salesforce.
Service Account Private Key
Select the Service Account Private key created.
Private Key Password
Enter the password of Service Account Private key.
Connection Timeout
Number of seconds to wait for completion of an API call to Salesforce REST before timing out.
- Click Apply to add the system.
Using the Connected System for Identity
Perform these procedures to configure the connector:
- Connector Details for Identity
- Identity Password Management
Connector Details for Identity
This table lists values to enter when associating the Identity user with an existing user in the Salesforce REST connected system:
Field |
System Attribute |
Example Value |
Account ID |
Id |
0053t000007VDV1AAO |
Login ID |
Username |
Identity Password Management
See User Management for details on password management.
Using the Connected System for Provisioning
Perform these procedures to configure the connector:
- Configuring for Export
- Configuring for Import
- Connector Details for Provisioning
Note: If the number of records to be processed exceeds one thousand, we recommend configuring the workflow to use bulk mode, which lowers the memory consumption of the system by streaming data to files. Because data is streamed for every task, performance of the workflow execution will be decreased due to increased read-write operations. See the Workflow and Connectivity Studio document for details on how to configure bulk mode.
Configuring for Export
Perform these procedures to configure the connector for data export:
- Configuring the Export Connector
- Configuring the Export Link
From the Workflow and Connectivity Studio, select the Salesforce REST UserExport workflow listed under the projects folder. If a workflow does not already exist, create an export workflow. See Workflow and Connectivity Studio for details on creating export workflows.
Configure the Export Connector
- In the Design pane, double-click the export object (the first object after the Start object). The Configure Data Source window displays:
-
From the Configure Plug-In tab, set the properties as required:
Associated Connected System
Select the connected System from the list. The export will be done from this connected system
Data Formats
Select the type of data format to use: User (Default), Contact, ExternalUser, Profile or UserRole
ContactById
Option to fetch a contact by providing Id. This property is available only for Contact data format.
DeltaExportMode
Select the type of attribute to export if a change takes place (this works in conjunction with ExportMode when DeltaExport is selected):
- OnlyChangedAttributes - Performs a partial export of only the changed attributes from the last time the query was run.
- ChangedAndMandatoryAttributes (default) - Performs a partial export of both changed and mandatory attributes from the last time the query was run. Mandatory attributes are exported whether they have been changed or not.
- AllAttributes - Performs a full export of all attributes that contain a value.
DynamicConnectedSystem
Select the global variable to use as the dynamic connected system name. This works in conjunction with DynamicConnectedSystemOption when GlobalVariable is selected.
DynamicConnectedSystemOption
Select how to control Dynamic System Support (DSS):
- None - There will not be any Dynamic System Support.
- Transaction-SystemName - The value of the Transaction-SystemName attribute in data will be used as the dynamic connected system. The connected system name must be passed as the value of the attribute Transaction-SystemName; if it is missing in data, the operation will fail.
- GlobalVariable - Select a global variable to use as the dynamic connected system name from the property DynamicConnectedSystem.
ExecuteGIGAssociatedTaskAsynchronously
If this property is True, GIG associated tasks will execute asynchronously.
ExportMode
Select the type of data to export:
- FullExport - Exports all attributes
- DeltaExport - Exports changed, mandatory, or all attributes, depending on the DeltaExportMode property setting.
Filter
Specify search criteria to determine the objects to be exported from the Salesforce REST Connected System. Use the Set Filter button that becomes active to create a filter. See the Set Filter section for additional information.
MaxResults
Select the maximum number of results to be returned.
ProfileById
Option to fetch a profile by providing Id. This property is available only for Profile data format.
ResultsPerPage
Number of entries fetched in a single call. Valid range is 500 to 2000. Default is 2000.
UserById
Option to fetch a user by providing Id. This property is available only for User data format.
UserRoleById
Option to fetch a UserRole by providing Id. This property is available only for UserRole data format.
Set Filter
Setting the filter is a means to narrow the search scope and return specific results:
Element
Description
Attribute
Select the attribute of the filter. This represents the attribute name for searching the Salesforce REST system.
Comparison
Select the operator value for this filter. Some attributes do not support certain operator values.
AND Condition List
Creates an AND statement comparing selected conditions. If there is more than one condition in this list box, all conditions must be true.
Filter Syntax
Displays the filter syntax used to retrieve entries from the Salesforce REST and to build the export list.
- Using logical AND, generate the complex filter to narrow the search result.
- Click OK when complete to return to the Configure Data Source window.
- (Optional) Select the Attributes Only the standard attributes display:
Modify schema attributes using these buttons:
Add
Add additional attributes to the list. The Add New attribute dialog displays.
Note: Only attributes that are present in the business Object schema can be added. If they are not in the business Object schema they will be disregarded.
Export
Export the schema list to an XML file.
Import
Imports the schema list from an XML file.
Reset Schema
Resets the schema definition to the default schema prepackaged with the IDM Suite.
(Optional) Select the Appearance tab to change how the Connected System object displays in the Design pane.
- Click OK and save any changes and return to the Workflow and Connectivity Studio window.
Configure the Export Link
-
In the Design pane, double-click the export link between the export object (the first workflow object after the Start object) and the Data Mapper object. The Configure Link window displays.
Source Attributes
Select the attribute to export
Selected Attributes
Displays default attributes and those attributes that have been selected from the Source Attributes.
Note: The check boxes are used only for delta export operations. These checked attributes will always be exported whether they were changed or not. Usually, the attributes that are selected as mandatory attributes help in identifying or verifying an entry when completing mapping functions.
Advanced Settings
Displays the Configure Attributes window for configuring advanced settings for attributes. Under the Encrypted column, check the box of any attribute that needs to be encrypted.
- From the Attribute Selection tab, select attributes to export.
- Click Ok to save any changes and return to Workflow and Connectivity Studio window.
- Deploy the workflow by selecting Deploy New Deployment. See the Workflow and Connectivity Studio documentation for details of deployment options.
- Manage and run the deployed workflow from the AdminUI Server tab. See the “Identity Suite Administration” documentation for details.
Configuring for Import
Perform these procedures to configure the connector for data import:
- Configure the import Connector
- Configure the Import Link
From the Workflow and Connectivity Studio, select the Salesforce REST UserAdd, UserModify, or UserDelete workflow listed under the projects folder. If a workflow does not already exist, create an import workflow. See the “Workflow and Connectivity Studio” documentation for details on creating import workflows.
Configuring the Import Connector
- In the design pane, double-click the import object (the last workflow object). The Configure Data Source window displays:
-
From the Configure Plug-In tab, set these properties as required:
Associated Connected System
Select the connected system from the list. The import operation will be done to this connected system.
Data Formats
Select the type of data format to use: User (Default), Contact, ExternalUser, Profile or UserRole
DynamicConnectedSystem
Select the global variable to use as the dynamic connected system name. This works in conjunction with the DynamicConnectedSystemOption when GlobalVariable is selected.
DynamicConnectedSystemOption
Select how to control Dynamic System Support (DSS):
- None - There will not be any Dynamic System Support.
- Transaction-SystemName - The value of the Transaction-SystemName attribute in data will be used as the dynamic connected system. The connected system name must be passed as the value of the attribute Transaction-SystemName; if it is missing in data, the operation will fail.
- GlobalVariable - Select a global variable to use as the dynamic connected system name from the property DynamicConnectedSystem.
Id
Specify the attribute that contains the value used to uniquely identity the user account ID on the connected system. (ACCOUNT_ID column of the FISC_USER_ACCOUNT table). Salesforce REST supports Id as account Id.
Note: This option is only available for the User data format.
loginId
Enter the attribute that contains the value used to uniquely identity the user account login ID on the connected system. (ACCOUNT_USERNAME column of the FISC_USER_ACCOUNT table). Salesforce REST supports Username as Login Id.
Note: This option is only available for the User data format.
- (Optional) Select the Attributes tab if attributes schema is to be modified.
- (Optional) Select the Appearance tab to change how the Connected System object displays in the Design pane.
- Click OK to save any changes and return to the Workflow and Connectivity Studio window.
Configuring the Import Link
-
In the design pane, double-click the import link between the import link between the Data Mapper object and the import object (the last workflow object). The Configure Link window displays:
Source Attributes
Select the attributes to import.
Check for attribute-level auditing
If auditing is enabled and these attributes below are checked, Provisioning will log all events for auditing purposes.
Select Attributes
Displays default attributes and those attributes that have been selected from the source Attributes.
Note: The default attributes are those that are commonly used to create a new user.
Advanced Settings
Displays the Configure Attributes window for configuring advanced settings for attributes. Under the Encrypted column, check the box of any attribute that needs to be encrypted.
Key Attribute
Select the attribute to be used as the key attribute for status processing and audit.
- From the Attribute Selection tab, select attributes to import.
- (Optional) Select the Appearance tab to change how the link displays in the Design pane.
- Click OK to save any changes and return to the Workflow and Connectivity Studio window.
- Deploy the workflow by selecting Deploy New Deployment. See the “Workflow and Connectivity Studio” documentation for details of deployment options.
- Manage and run the deployed workflow from the Admin UI Server tab. See the “Identity Suite Administration” documentation for details.
Configuration Details for Provisioning
Connector Supported Data Formats
The items in the Export and Import columns have these meanings:
- Y = Yes (attribute is supported for this operation)
- Y (R) = Attribute is supported and is required to create the object
- N = No (attribute is not supported for this operation)
User and ExternalUser Data Formats
Name |
Type |
Export |
Import |
Description |
Id |
String |
Y |
Y |
Unique Id generated during user creation. This is mandatory when modifying a user. |
Password |
String |
N |
Y |
|
FederationIdentifier |
String |
Y |
Y |
|
FirstName |
String |
Y |
Y |
|
LastName |
String |
Y |
Y (R) |
The user’s last name. |
UserPermissionsMarketingUser |
Boolean |
Y |
Y |
true/false |
UserPermissionsOfflineUser |
Boolean |
Y |
Y (R) |
Required. Indicates whether the user is enabled to use Offline Edition (true) or not (false). |
AboutMe |
String |
Y |
Y |
|
AccountId |
String (AccountId) |
Y |
Y |
|
IsActive |
Boolean |
Y |
Y |
true/false |
Street |
String |
Y |
Y |
|
City |
String |
Y |
Y |
|
State |
String |
Y |
Y |
|
PostalCode |
String |
Y |
Y |
|
Country |
String |
Y |
Y |
|
ReceivesAdminInfoEmails |
Boolean |
Y |
Y |
true/false |
Alias |
String |
Y |
Y (R) |
The user’s alias. For example, jsmith. |
ForecastEnabled |
Boolean |
Y |
Y |
true/false |
CallCenterId |
String (CallCenterId) |
Y |
Y |
|
MobilePhone |
Phone |
Y |
Y |
|
DigestFrequency |
String |
Y |
Y |
Required. The send frequency of the user’s Chatter personal email digest. The valid values are: D = Daily W = Weekly N = Never The default value is D. |
CompanyName |
String |
Y |
Y |
|
ContactId |
String (ContactId) |
Y |
Y |
|
CreatedById |
String (UserId) |
Y |
N |
|
CreatedDate |
Datetime |
Y |
N |
|
DefaultGroupNotificationFrequency |
String |
Y |
Y |
Required. The default frequency for sending the user's Chatter group email notifications when the user joins groups. The valid values are: P—Email on every post D—Daily digests W—Weekly digests N—Never The default value is N. |
DelegatedApproverId |
String (UserId) |
Y |
Y |
|
Department |
String |
Y |
Y |
|
Division |
String |
Y |
Y |
|
Y |
Y (R) |
The user’s email address. |
||
EmailEncodingKey |
String |
Y |
Y (R) |
The email encoding for the user, such as ISO-8859-1 or UTF-8. |
SenderEmail |
Y |
Y |
||
SenderName |
String |
Y |
Y |
|
Signature |
String |
Y |
Y |
|
EmployeeNumber |
String |
Y |
Y |
|
Extension |
Phone |
Y |
Y |
|
Fax |
Phone |
Y |
Y |
|
ReceivesInfoEmails |
Boolean |
Y |
Y |
true/false |
LanguageLocaleKey |
String |
Y |
Y (R) |
The user’s language, Eg. en_US. |
LastLoginDate |
Datetime |
Y |
N |
|
LastModifiedById |
String (UserId) |
Y |
N |
|
LastModifiedDate |
Datetime |
Y |
N |
|
LastPasswordChangeDate |
Datetime |
Y |
N |
|
LastReferencedDate |
Datetime |
Y |
N |
|
LastViewedDate |
Datetime |
Y |
N |
|
LocaleSidKey |
String |
Y |
Y (R) |
The value of this field affects formatting and parsing of values in the user interface. The field values are named according to the language, and the country if necessary, using two-letter ISO codes. Eg. en_US. |
ManagerId |
String (UserId) |
Y |
Y |
|
CommunityNickname |
String |
Y |
Y |
|
OfflineTrialExpirationDate |
Datetime |
Y |
Y |
|
Phone |
Phone |
Y |
Y |
|
ProfileId |
String (ProfileId) |
Y |
Y (R) |
ID of the user’s Profile. Use this value to cache metadata based on profile. Eg. Lookup the Id of ‘Standard Platform User’ Profile and set that as ProfileId. |
UserRoleId |
String (UserRoleId) |
Y |
Y |
|
OfflinePdaTrialExpirationDate |
Datetime |
Y |
Y |
|
SystemModstamp |
Datetime |
Y |
N |
|
TimeZoneSidKey |
String |
Y |
Y (R) |
A User time zone affects the offset used when displaying or entering times in the user interface. Values for this field are named using region and key city, according to ISO standards. Eg. America/Los_Angeles. |
Title |
String |
Y |
Y |
|
SmallPhotoUrl |
URL |
Y |
N |
|
FullPhotoUrl |
URL |
Y |
N |
|
BadgeText |
String |
Y |
Y |
|
UserType |
String |
Y |
Y |
|
Username |
String |
Y |
Y (R) |
Contains the name that a user enters to log in to the API or the user interface. The value for this field must be in the form of an email address, using all lowercase characters. It must also be unique across all organizations. Each inserted User also counts as a license. Every organization has a maximum number of licenses. If you attempt to exceed the maximum number of licenses by inserting User records, the create request is rejected. |
Contact Data Format
Name |
Type |
Export |
Import |
Description |
Id |
String |
Y |
Y |
Unique Id generated during contact creation. This is mandatory when modifying a contact. |
AccountId |
String (AccountId) |
Y |
Y |
|
AssistantName |
String |
Y |
Y |
|
AssistantPhone |
Phone |
Y |
Y |
|
Birthdate |
Date |
Y |
Y |
|
MasterRecordId |
String (ContactId) |
Y |
Y |
|
OwnerId |
String (UserId) |
Y |
Y |
|
CreatedById |
String (UserId) |
Y |
N |
|
CreatedDate |
Datetime |
Y |
N |
|
Jigsaw |
String |
Y |
Y |
|
IsDeleted |
Boolean |
Y |
N |
true/false |
Department |
String |
Y |
Y |
|
Description |
String |
Y |
Y |
|
Y |
Y |
|||
EmailBouncedDate |
Datetime |
Y |
N |
|
EmailBouncedReason |
String |
Y |
Y |
|
Fax |
Phone |
Y |
Y |
|
HomePhone |
Phone |
Y |
Y |
|
IsEmailBounced |
Boolean |
Y |
N |
true/false |
JigsawContactId |
String (ContactId) |
Y |
Y |
|
LastActivityDate |
Date |
Y |
N |
|
LastModifiedById |
String (UserId) |
Y |
N |
|
LastModifiedDate |
Datetime |
Y |
N |
|
LastReferencedDate |
Datetime |
Y |
N |
|
LastViewedDate |
Datetime |
Y |
N |
|
LeadSource |
String |
Y |
Y |
|
MailingStreet |
String |
Y |
Y |
|
MailingCity |
String |
Y |
Y |
|
MailingState |
String |
Y |
Y |
|
MailingPostalCode |
String |
Y |
Y |
|
MailingCountry |
String |
Y |
Y |
|
MobilePhone |
Phone |
Y |
Y |
|
Salutation |
String |
Y |
Y |
|
FirstName |
String |
Y |
Y |
|
LastName |
String |
Y |
Y (R) |
Last name of the contact up to 80 characters. |
OtherStreet |
String |
Y |
Y |
|
OtherCity |
String |
Y |
Y |
|
OtherState |
String |
Y |
Y |
|
OtherPostalCode |
String |
Y |
Y |
|
OtherCountry |
String |
Y |
Y |
|
OtherPhone |
Phone |
Y |
Y |
|
Phone |
Phone |
Y |
Y |
|
PhotoUrl |
URL |
Y |
N |
|
ReportsToId |
String (ContactId) |
Y |
Y |
|
SystemModstamp |
Datetime |
Y |
N |
|
Title |
String |
Y |
Y |
Profile Data Format
Name |
Type |
Export |
Import |
Description |
CreatedById |
String (UserId) |
Y |
N |
|
CreatedDate |
Datetime |
Y |
N |
|
Description |
String |
Y |
Y |
|
Id |
String |
Y |
Y |
Unique Id generated during profile creation. This is mandatory when modifying a profile. |
LastModifiedById |
String (UseId) |
Y |
N |
|
LastModifiedDate |
Datetime |
Y |
N |
|
LastReferencedDate |
Datetime |
Y |
N |
|
LastViewedDate |
Datetime |
Y |
N |
|
Name |
String |
Y |
Y |
|
PermissionsAccessCMC |
Boolean |
Y |
Y |
true/false |
PermissionsActivateContract |
Boolean |
Y |
Y |
true/false |
PermissionsActivateOrder |
Boolean |
Y |
Y |
true/false |
PermissionsActivitiesAccess |
Boolean |
Y |
Y |
true/false |
PermissionsAddDirectMessageMembers |
Boolean |
Y |
Y |
true/false |
PermissionsAllowEmailIC |
Boolean |
Y |
Y |
true/false |
PermissionsAllowLightningLogin |
Boolean |
Y |
Y |
true/false |
PermissionsAllowViewEditConvertedLeads |
Boolean |
Y |
Y |
true/false |
PermissionsApexRestServices |
Boolean |
Y |
Y |
true/false |
PermissionsApiEnabled |
Boolean |
Y |
Y |
true/false |
PermissionsAssignPermissionSets |
Boolean |
Y |
Y |
true/false |
PermissionsAssignTopics |
Boolean |
Y |
Y |
true/false |
PermissionsAuthorApex |
Boolean |
Y |
Y |
true/false |
PermissionsB2BMarketingAnalyticsUser |
Boolean |
Y |
Y |
true/false |
PermissionsBulkApiHardDelete |
Boolean |
Y |
Y |
true/false |
PermissionsCampaignInfluence2 |
Boolean |
Y |
Y |
true/false |
PermissionsCanApproveFeedPost |
Boolean |
Y |
Y |
true/false |
PermissionsCanEditPrompts |
Boolean |
Y |
Y |
true/false |
PermissionsCanInsertFeedSystemFields |
Boolean |
Y |
Y |
true/false |
PermissionsCanUseNewDashboardBuilder |
Boolean |
Y |
Y |
true/false |
PermissionsCanVerifyComment |
Boolean |
Y |
Y |
true/false |
PermissionsChangeDashboardColors |
Boolean |
Y |
Y |
true/false |
PermissionsChatterComposeUiCodesnippet |
Boolean |
Y |
Y |
true/false |
PermissionsChatterEditOwnPost |
Boolean |
Y |
Y |
true/false |
PermissionsChatterEditOwnRecordPost |
Boolean |
Y |
Y |
true/false |
PermissionsChatterFileLink |
Boolean |
Y |
Y |
true/false |
PermissionsChatterInternalUser |
Boolean |
Y |
Y |
true/false |
PermissionsChatterInviteExternalUsers |
Boolean |
Y |
Y |
true/false |
PermissionsChatterOwnGroups |
Boolean |
Y |
Y |
true/false |
PermissionsCloseConversations |
Boolean |
Y |
Y |
true/false |
PermissionsConfigCustomRecs |
Boolean |
Y |
Y |
true/false |
PermissionsConnectOrgToEnvironmentHub |
Boolean |
Y |
Y |
true/false |
PermissionsConsentApiUpdate |
Boolean |
Y |
Y |
true/false |
PermissionsContentAdministrator |
Boolean |
Y |
Y |
true/false |
PermissionsContentHubUser |
Boolean |
Y |
Y |
true/false |
PermissionsContentWorkspaces |
Boolean |
Y |
Y |
true/false |
PermissionsConvertLeads |
Boolean |
Y |
Y |
true/false |
PermissionsCreateCustomizeDashboards |
Boolean |
Y |
Y |
true/false |
PermissionsCreateCustomizeFilters |
Boolean |
Y |
Y |
true/false |
PermissionsCreateCustomizeReports |
Boolean |
Y |
Y |
true/false |
PermissionsCreateDashboardFolders |
Boolean |
Y |
Y |
true/false |
PermissionsCreateLtngTempFolder |
Boolean |
Y |
Y |
true/false |
PermissionsCreateLtngTempInPub |
Boolean |
Y |
Y |
true/false |
PermissionsCreateMultiforce |
Boolean |
Y |
Y |
true/false |
PermissionsCreateReportFolders |
Boolean |
Y |
Y |
true/false |
PermissionsCreateReportInLightning |
Boolean |
Y |
Y |
true/false |
PermissionsCreateTopics |
Boolean |
Y |
Y |
true/false |
PermissionsCreateWorkspaces |
Boolean |
Y |
Y |
true/false |
PermissionsCustomizeApplication |
Boolean |
Y |
Y |
true/false |
PermissionsCustomMobileAppsAccess |
Boolean |
Y |
Y |
true/false |
PermissionsCustomSidebarOnAllPages |
Boolean |
Y |
Y |
true/false |
PermissionsDataExport |
Boolean |
Y |
Y |
true/false |
PermissionsDelegatedTwoFactor |
Boolean |
Y |
Y |
true/false |
PermissionsDeleteActivatedContract |
Boolean |
Y |
Y |
true/false |
PermissionsDeleteTopics |
Boolean |
Y |
Y |
true/false |
PermissionsDistributeFromPersWksp |
Boolean |
Y |
Y |
true/false |
PermissionsEditActivatedOrders |
Boolean |
Y |
Y |
true/false |
PermissionsEditBrandTemplates |
Boolean |
Y |
Y |
true/false |
PermissionsEditCaseComments |
Boolean |
Y |
Y |
true/false |
PermissionsEditEvent |
Boolean |
Y |
Y |
true/false |
PermissionsEditHtmlTemplates |
Boolean |
Y |
Y |
true/false |
PermissionsEditMyDashboards |
Boolean |
Y |
Y |
true/false |
PermissionsEditMyReports |
Boolean |
Y |
Y |
true/false |
PermissionsEditOppLineItemUnitPrice |
Boolean |
Y |
Y |
true/false |
PermissionsEditPublicDocuments |
Boolean |
Y |
Y |
true/false |
PermissionsEditPublicFilters |
Boolean |
Y |
Y |
true/false |
PermissionsEditPublicTemplates |
Boolean |
Y |
Y |
true/false |
PermissionsEditReadonlyFields |
Boolean |
Y |
Y |
true/false |
PermissionsEditTask |
Boolean |
Y |
Y |
true/false |
PermissionsEditTopics |
Boolean |
Y |
Y |
true/false |
PermissionsEmailAdministration |
Boolean |
Y |
Y |
true/false |
PermissionsEmailMass |
Boolean |
Y |
Y |
true/false |
PermissionsEmailSingle |
Boolean |
Y |
Y |
true/false |
PermissionsEmailTemplateManagement |
Boolean |
Y |
Y |
true/false |
PermissionsEnableCommunityAppLauncher |
Boolean |
Y |
Y |
true/false |
PermissionsEnableNotifications |
Boolean |
Y |
Y |
true/false |
PermissionsExportReport |
Boolean |
Y |
Y |
true/false |
PermissionsFeedPinning |
Boolean |
Y |
Y |
true/false |
PermissionsFlowUFLRequired |
Boolean |
Y |
Y |
true/false |
PermissionsForceTwoFactor |
Boolean |
Y |
Y |
true/false |
PermissionsGiveRecognitionBadge |
Boolean |
Y |
Y |
true/false |
PermissionsGovernNetworks |
Boolean |
Y |
Y |
true/false |
PermissionsHasUnlimitedNBAExecutions |
Boolean |
Y |
Y |
true/false |
PermissionsHeadlessCMSAccess |
Boolean |
Y |
Y |
true/false |
PermissionsHideReadByList |
Boolean |
Y |
Y |
true/false |
PermissionsIdentityConnect |
Boolean |
Y |
Y |
true/false |
PermissionsIdentityEnabled |
Boolean |
Y |
Y |
true/false |
PermissionsImportCustomObjects |
Boolean |
Y |
Y |
true/false |
PermissionsImportLeads |
Boolean |
Y |
Y |
true/false |
PermissionsImportPersonal |
Boolean |
Y |
Y |
true/false |
PermissionsInstallMultiforce |
Boolean |
Y |
Y |
true/false |
PermissionsLightningConsoleAllowedForUser |
Boolean |
Y |
Y |
true/false |
PermissionsLightningExperienceUser |
Boolean |
Y |
Y |
true/false |
PermissionsListEmailSend |
Boolean |
Y |
Y |
true/false |
PermissionsLMOutboundMessagingUserPerm |
Boolean |
Y |
Y |
true/false |
PermissionsLtngPromoReserved01UserPerm |
Boolean |
Y |
Y |
true/false |
PermissionsManageAnalyticSnapshots |
Boolean |
Y |
Y |
true/false |
PermissionsManageAuthProviders |
Boolean |
Y |
Y |
true/false |
PermissionsManageBusinessHourHolidays |
Boolean |
Y |
Y |
true/false |
PermissionsManageCallCenters |
Boolean |
Y |
Y |
true/false |
PermissionsManageCases |
Boolean |
Y |
Y |
true/false |
PermissionsManageCategories |
Boolean |
Y |
Y |
true/false |
PermissionsManageCertificates |
Boolean |
Y |
Y |
true/false |
PermissionsManageChatterMessages |
Boolean |
Y |
Y |
true/false |
PermissionsManageCMS |
Boolean |
Y |
Y |
true/false |
PermissionsManageContentPermissions |
Boolean |
Y |
Y |
true/false |
PermissionsManageContentProperties |
Boolean |
Y |
Y |
true/false |
PermissionsManageContentTypes |
Boolean |
Y |
Y |
true/false |
PermissionsManageCustomPermissions |
Boolean |
Y |
Y |
true/false |
PermissionsManageCustomReportTypes |
Boolean |
Y |
Y |
true/false |
PermissionsManageDashbdsInPubFolders |
Boolean |
Y |
Y |
true/false |
PermissionsManageDataCategories |
Boolean |
Y |
Y |
true/false |
PermissionsManageDataIntegrations |
Boolean |
Y |
Y |
true/false |
PermissionsManageEmailClientConfig |
Boolean |
Y |
Y |
true/false |
PermissionsManageExchangeConfig |
Boolean |
Y |
Y |
true/false |
PermissionsManageHealthCheck |
Boolean |
Y |
Y |
true/false |
PermissionsManageHubConnections |
Boolean |
Y |
Y |
true/false |
PermissionsManageInteraction |
Boolean |
Y |
Y |
true/false |
PermissionsManageInternalUsers |
Boolean |
Y |
Y |
true/false |
PermissionsManageIpAddresses |
Boolean |
Y |
Y |
true/false |
PermissionsManageLeads |
Boolean |
Y |
Y |
true/false |
PermissionsManageLoginAccessPolicies |
Boolean |
Y |
Y |
true/false |
PermissionsManageMobile |
Boolean |
Y |
Y |
true/false |
PermissionsManageNetworks |
Boolean |
Y |
Y |
true/false |
PermissionsManagePasswordPolicies |
Boolean |
Y |
Y |
true/false |
PermissionsManageProfilesPermissionsets |
Boolean |
Y |
Y |
true/false |
PermissionsManagePropositions |
Boolean |
Y |
Y |
true/false |
PermissionsManagePvtRptsAndDashbds |
Boolean |
Y |
Y |
true/false |
PermissionsManageRecommendationStrategies |
Boolean |
Y |
Y |
true/false |
PermissionsManageRemoteAccess |
Boolean |
Y |
Y |
true/false |
PermissionsManageReportsInPubFolders |
Boolean |
Y |
Y |
true/false |
PermissionsManageRoles |
Boolean |
Y |
Y |
true/false |
PermissionsManageSessionPermissionSets |
Boolean |
Y |
Y |
true/false |
PermissionsManageSharing |
Boolean |
Y |
Y |
true/false |
PermissionsManageSolutions |
Boolean |
Y |
Y |
true/false |
PermissionsManageSubscriptions |
Boolean |
Y |
Y |
true/false |
PermissionsManageSurveys |
Boolean |
Y |
Y |
true/false |
PermissionsManageSynonyms |
Boolean |
Y |
Y |
true/false |
PermissionsManageTwoFactor |
Boolean |
Y |
Y |
true/false |
PermissionsManageUnlistedGroups |
Boolean |
Y |
Y |
true/false |
PermissionsManageUsers |
Boolean |
Y |
Y |
true/false |
PermissionsMassInlineEdit |
Boolean |
Y |
Y |
true/false |
PermissionsMergeTopics |
Boolean |
Y |
Y |
true/false |
PermissionsModerateChatter |
Boolean |
Y |
Y |
true/false |
PermissionsModerateNetworkUsers |
Boolean |
Y |
Y |
true/false |
PermissionsModifyAllData |
Boolean |
Y |
Y |
true/false |
PermissionsModifyDataClassification |
Boolean |
Y |
Y |
true/false |
PermissionsModifyMetadata |
Boolean |
Y |
Y |
true/false |
PermissionsNewReportBuilder |
Boolean |
Y |
Y |
true/false |
PermissionsPackaging2 |
Boolean |
Y |
Y |
true/false |
PermissionsPasswordNeverExpires |
Boolean |
Y |
Y |
true/false |
PermissionsPreventClassicExperience |
Boolean |
Y |
Y |
true/false |
PermissionsPrivacyDataAccess |
Boolean |
Y |
Y |
true/false |
PermissionsPublishMultiforce |
Boolean |
Y |
Y |
true/false |
PermissionsQueryAllFiles |
Boolean |
Y |
Y |
true/false |
PermissionsRemoveDirectMessageMembers |
Boolean |
Y |
Y |
true/false |
PermissionsResetPasswords |
Boolean |
Y |
Y |
true/false |
PermissionsRunFlow |
Boolean |
Y |
Y |
true/false |
PermissionsRunReports |
Boolean |
Y |
Y |
true/false |
PermissionsSandboxTestingInCommunityApp |
Boolean |
Y |
Y |
true/false |
PermissionsScheduleReports |
Boolean |
Y |
Y |
true/false |
PermissionsSelectFilesFromSalesforce |
Boolean |
Y |
Y |
true/false |
PermissionsSendAnnouncementEmails |
Boolean |
Y |
Y |
true/false |
PermissionsSendSitRequests |
Boolean |
Y |
Y |
true/false |
PermissionsShowCompanyNameAsUserBadge |
Boolean |
Y |
Y |
true/false |
PermissionsSolutionImport |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeDashboardRolesGrps |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeDashboardToOtherUsers |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeReportRolesGrps |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeReportsRunAsUser |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeReportToOtherUsers |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeToLightningDashboards |
Boolean |
Y |
Y |
true/false |
PermissionsSubscribeToLightningReports |
Boolean |
Y |
Y |
true/false |
PermissionsTraceXdsQueries |
Boolean |
Y |
Y |
true/false |
PermissionsTransactionalEmailSend |
Boolean |
Y |
Y |
true/false |
PermissionsTransferAnyCase |
Boolean |
Y |
Y |
true/false |
PermissionsTransferAnyEntity |
Boolean |
Y |
Y |
true/false |
PermissionsTransferAnyLead |
Boolean |
Y |
Y |
true/false |
PermissionsTwoFactorApi |
Boolean |
Y |
Y |
true/false |
PermissionsUseTeamReassignWizards |
Boolean |
Y |
Y |
true/false |
PermissionsUseWebLink |
Boolean |
Y |
Y |
true/false |
PermissionsViewAllActivities |
Boolean |
Y |
Y |
true/false |
PermissionsViewAllCustomSettings |
Boolean |
Y |
Y |
true/false |
PermissionsViewAllData |
Boolean |
Y |
Y |
true/false |
PermissionsViewAllForeignKeyNames |
Boolean |
Y |
Y |
true/false |
PermissionsViewAllUsers |
Boolean |
Y |
Y |
true/false |
PermissionsViewContent |
Boolean |
Y |
Y |
true/false |
PermissionsViewDataAssessment |
Boolean |
Y |
Y |
true/false |
PermissionsViewDataCategories |
Boolean |
Y |
Y |
true/false |
PermissionsViewEncryptedData |
Boolean |
Y |
Y |
true/false |
PermissionsViewEventLogFiles |
Boolean |
Y |
Y |
true/false |
PermissionsViewFlowUsageAndFlowEventData |
Boolean |
Y |
Y |
true/false |
PermissionsViewHealthCheck |
Boolean |
Y |
Y |
true/false |
PermissionsViewHelpLink |
Boolean |
Y |
Y |
true/false |
PermissionsViewMyTeamsDashboards |
Boolean |
Y |
Y |
true/false |
PermissionsViewPrivateStaticResources |
Boolean |
Y |
Y |
true/false |
PermissionsViewPublicDashboards |
Boolean |
Y |
Y |
true/false |
PermissionsViewPublicReports |
Boolean |
Y |
Y |
true/false |
PermissionsViewRoles |
Boolean |
Y |
Y |
true/false |
PermissionsViewSetup |
Boolean |
Y |
Y |
true/false |
PermissionsViewUserPII |
Boolean |
Y |
Y |
true/false |
SystemModstamp |
Datetime |
Y |
N |
|
UserLicenseId |
String (UserLicenseId) |
Y |
N |
|
UserType |
String |
Y |
N |
The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles. Valid values include: Standard PowerPartner CSPLitePortal CustomerSuccess PowerCustomerSuccess CsnOnly Guest |
UserRole Data Format
Name |
Type |
Export |
Import |
Description |
CaseAccessForAccountOwner |
String |
Y |
Y |
|
ContactAccessForAccountOwner |
String |
Y |
N |
|
DeveloperName |
String |
Y |
Y |
|
ForecastUserId |
String (UserId) |
Y |
Y |
|
Id |
String |
Y |
Y |
Unique Id generated during UserRole creation. This is mandatory when modifying a UserRole. |
LastModifiedById |
String (UserId) |
Y |
N |
|
LastModifiedDate |
Datetime |
Y |
N |
|
MayForecastManagerShare |
Boolean |
Y |
N |
|
Name |
String |
Y |
Y (R) |
Name of the role. |
OpportunityAccessForAccountOwner |
String |
Y |
Y (R) |
The opportunity access level for the account owner. Note that you can’t set a user role with an opportunity access less than that specified in organization-wide defaults. Eg. Edit. |
ParentRoleId |
String (RoleId) |
Y |
Y |
|
PortalAccountId |
String (PortalAccountId) |
Y |
Y |
|
PortalAccountOwnerId |
String (UserId) |
Y |
Y |
|
PortalType |
String |
Y |
N |
|
RollupDescription |
String |
Y |
Y |
|
SystemModstamp |
Datetime |
Y |
N |
Lookup Data
To lookup data from Salesforce REST, use the Data Mapper rule Lookup Data.
- Log in to the Workflow and Connectivity Studio and double-click the Data Mapper object on the Design pane. The Configure Data Mapper window displays.
- Select the Lookup Data rule under the Mapping Rule column, and then click the Source Value. The Configure Lookup window displays.
- Select the Salesforce REST system from the Select System drop-down list:
- In the Enter Lookup Prefix field, enter the prefix to be added to the Lookup fields.
- Select the Lookup Type (User (Default), Contact, ExternalUser, Profile or UserRole) from the drop-down list.
- Select the lookup method By Id or By Filter.
- Selecting By Filter, the next field will change to Filter. Click the Build button to bring up the filter dialog. The Filter usage was explained earlier in section Set Filter.
- Selecting By Id changes the next field to Id. Click Pick button along it to select the Id value as attribute/variable/literal.
- The next Pick button is used to define the attributes to be exported from the lookup.
- Select the Exit as Mapper Task Failed on Lookup Failure checkbox to exit the task with failed status on lookup failure. It will not process the succeeding entries and will ignore the already processed entries and will not return any data. This is selected by default.
- Click OK.