There are two modes in which the sync can run:
This article covers the permissions required to sync a Salesforce Org in default mode.
Managed mode allows the sync to run where the Salesforce user account performing the sync has not been given rights to view the object data. To enable the sync in managed mode contact the Elements success team to discuss the implications and enable this feature.
Permissions Required to run the Sync in Default Mode
When connecting Elements to an Org a Salesforce user account is required to authenticate the connection to Salesforce. This results in an OAuth refresh token being provided to Elements which is stored and subsequently used to login to Salesforce for each Sync.
General user permissions
The user account that is used to run the sync has to have the following permissions in order for the sync to work:
View All Data - this is required to allow the field data population analysis
View All Users - this is required for the analytics reporting
View Setup and Configuration
View All Custom Settings
Manage All Private Reports and Dashboards
Modify Metadata Through Metadata API Functions - this is required to execute the sync
Run Reports - this is required to be able to access the report definition
Object specific permissions
The following Object permissions will also be required if the Elements managed package has been installed.
Assigning the Q9Elements permission set will allocate the permissions below:
The Batch Log object requires Read, Create, Edit and Delete permissions
The following Apex classes have to be enabled if the Elements Catalyst managed package is installed
A user with the Standard User profile and the permissions listed above will be able to run the full sync process.
A user with System Administrator permissions will have these permissions by default.