SmartConnect 2018

Salesforce User Security

When linking SmartConnect with Sales force the users needed to access Salesforce, and the way Salesforce is to be accessed must be defined within the SmartConnect Salesforce setup screen.

 

The following process is followed when determining the user details that are to be used to access Salesforce from SmartConnect:

1.If the required access is to query or update Salesforce entities.
a.If the default security section has been defined in the SmartConnect Salesforce connector setup window the specified user details are used to connect to Salesforce.
b.If the current user has specified their own connection details for Salesforce, and those details are still valid the individual user details are used to connect to Salesforce.
c.If the current user has not specified their own connection details, or the specified details are no longer valid the user will be prompted to enter their own Salesforce connection details before proceeding.
2.If the required access is to create or amend Salesforce apex objects.
a.If the Administration Security section has been defined in the SmartConnect Salesforce connector setup window, the specified user details are used to connect to Salesforce.
b.If the default security section has been defined in the SmartConnect Salesforce connector setup window, the specified user details are used to connect to Salesforce.
c.If the current user has specified their own connection details for Salesforce, and those details are still valid the individual user details are used to connect to Salesforce.
d.If the current user has not specified their own connection details, or the specified details are no longer valid the user will be prompted to enter their own Salesforce connection details before proceeding.

 

Security required for standard functions:

SmartConnect uses standard Salesforce security when connecting to Salesforce in order to insert, update or delete data.

Note: the Salesforce partner API is used for all standard connections between SmartConnect and Salesforce.

Each Salesforce user that will be used to connect to Salesforce via SmartConnect must be set up to allow remote access.
Standard Salesforce security should be used to determine what entities and fields users can and cannot access.
SmartConnect will then restrict users to the entities and fields they have access rights to via the Salesforce API.

 

Security required for administrative functions:

In standard environments most users do not have rights to access areas of Salesforce where new entities and fields are created, or create amend and delete apex scripts. Because of this, and to restrict this functionality from standard user accounts SmartConnect can be set up to channel functions that require this access through an 'Administrative' user account, while keeping standard processing at the usual user account level.

Note: SmartConnect uses both the Salesforce Apex and Meta data API's to perform these functions. Functions that require Administrative access through SmartConnect are as follows:

Creating change tables for SmartConnect change data sources.
Creating change apex triggers for SmartConnect change data sources.
Creating and maintaining the classes required for SmartConnect real time data sources.
Creating the real time data source master table.
Creating the real time data source apex triggers.

 

The user(s) specified within SmartConnect to perform these administrative functions must have the following security access:

Each user must be set up to allow remote access.
Each user must have rights to create and maintain new apex objects (tables)
Each user must have rights to create and maintain new apex scripts (triggers and classes)
Each user must have rights to add apex triggers to current / standard Salesforce entities.
Each user must have rights to add and remove entries to objects created by SmartConnect.