Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Security

A user can be granted access to an item or an item type in several ways. Not all possible ways are currently included in the connector. The security is layered and the security overrides depend the individual Salesforce environment settings. Initial access can be given or denied for all entities of a certain entity type and later access can be granted or restricted for individual items of this entity type. Security permissions are given by Licenses, Organization-Wide Defaults, Profiles, Permission Sets, Public Groups, User and Group Sharing (Direct Sharing), Roles, Inherited Access (for managers), Object Sharing and Field Accessibility.


The current user security access is implemented in the connector.

  • User access is given by the user Id
  • Group access is given from user roles and inherited sub roles
  • Permission to view all data, if the profile has this access
  • Permission to view all users, if the profile has this access

Authentication

At search time users needs to log into their Salesforce accounts in ViaWorks. This authentication is done under Account & Settings and Source Credentials.

The salesforce security token is given for each user and can be reset and sent by email from Salesforce. This user token is needed together with the username and password to get access to the API and use the connector. It is possible to omit the token and only use the username and password to login. This is done by adding the IP in use under IP Login IP Ranges in Salesforce. The ranges are given for each profile group (for example System Administrator etc). Each user having the current profile can then login without the security token. Still a random text string must be filled in the field salesforcetoken in the window, to be able to authenticate the user, but this text is ignored.

Authorization

Items are marked with a list of Salesforce groups and user SIDs at fetching time. At search time, users are given SIDs based on the Salesforce account associated with the ViaWorks login.
Example:

  • Salesforce_999 005A0000004wzojIAA (User)
  • Salesforce_999 00GA0000001LnPuMAK (Group)
  • Salesforce_999 Account (View all account - from user settings)
  • Salesforce_999 AllData (View all data - from profile settings)
  • Salesforce_999 Users  (View all users - from profile settings)


  • No labels