To get most of the Elements features, we require you to run the Org sync with certain permissions. We will explain who, what, why and how in this article.
Article outline
Prerequisites
Org sync modes
Permissions Required to run the Sync in Default Mode
General user permissions
Object specific permissions
Apex class permissions
You might also be interested in
Prerequisites
To run the Org Sync, it is best to have either "System Administrator" permissions or "Standard User" permissions with additional permissions (listed below)
Org sync modes
There are two modes in which the sync can run:
Default
Managed
This article covers the permissions required to sync a Salesforce Org in Default mode.
Managed mode allows the sync to run where the Salesforce user account performing the sync has not been given rights to view the object data. To enable the sync in managed mode, contact the Elements success team (success@elements.cloud) to discuss the implications and enable this feature.
Permissions Required to run the Sync in Default Mode
When connecting Elements to an Org, Salesforce user account is required to authenticate the connection to Salesforce. This results in an OAuth refresh token being provided to Elements which is stored and subsequently used to login to Salesforce for each Sync.
A user with the System Administrator permission will have all required permissions by default.
Standard User profile will require all the permissions listed below to run the sync.
General user permissions
The user account that is used to run the sync has to have the following permissions in order for the sync to work:
View All Data - this is required to allow the field data population analysis
View All Users - this is required for the analytics reporting
View Setup and Configuration
View All Custom Settings
Author Apex
API Enabled
Manage Sharing
Manage Flows
Manage Users
Manage All Private Reports and Dashboards
Modify Metadata Through Metadata API Functions - this is required to execute the sync
Run Reports - this is required to be able to access the report definition
Object specific permissions
The following Object permissions will also be required if the Elements managed package has been installed.
Assigning the Q9Elements permission set will allocate the permissions below:
The Batch Log object requires Read, Create, Edit and Delete permissions
Apex class permission
The following Apex classes have to be enabled if the Elements managed package is installed
Q9.ElementsREST
Q9.ElementsSettingsControllerBundle
You might also be interested in
Data Security and Compliance Document - find out what do we do to make sure you are in good, secure hands
Our data security policies and certifications - find out what steps we take to ensure your and your data security while working with Elements
Connect your Org and start the sync - step-by-step guide how to start using Org sync feature