Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

What are Named Credentials?

Named Credentials were introduced in Salesforce in Spring '15 and provide a reliable and secure way to store sensitive information such as authorization details. Among other features, Named Credentials allow native SFDC applications to use this information without exposing it.

Why does ClosePlan need Named Credentials?

ClosePlan needs an authorized Named Credential (+ Connected App, Auth. Provider) to access other Salesforce APIs such as Metadata, Tooling, and UI APIs. This ensures that ClosePlan doen’t need to manage any sensitive information as the entire process is automatically managed by SFDC. It is also the official and only way to access these APIs from within the Salesforce environment.

What we do with these APIs:

CloserPlan uses these APIs to access data that is not accessible with Apex / SOQL.

ClosePlan uses Metadata to tweak configurations in a controlled way.

  • Example: Sales Process:

    • Which Sales Stage belongs to what Sales Process?

  • Example: Changing Picklist Values

    • Whenever a User updates the Relationship Map Picklist Values, several objects are updated at the same time. Additional Metadata related to those Picklist values are also defined.

  • ClosePlan maintains the state of the Metadata to avoid user errors like typos.

External Access to the System

ClosePlan Connected App does not provide any access to a Client Org under any circumstances.

In order for the the Connected Application to provide access, a 3rd party would need to have the Consumer Key, the Consumer Secret Key and would also need to be a User within the system with Login and Password.

Authentication with an Integration User

In most Orgs, ClosePlan Named Credentials are authenticated by a System Administrator.

Some Orgs prefer to authenticate the Named Credentials with an Integration User. In this case the Integration User must be provided with Modify All Data permission.

In the event that Modify All Data cannot be assigned to the Integration User, ClosePlan can still function with some functionality limitations. Examples of these limitations are:

  • Picklist Values will not be editable

  • Field creation will not be permitted, such as attempting to create a Custom Attribute in the ClosePlan Admin

  • Additional Administrative limitations can also occur

Are Named Credentials required for ClosePlan to function?

ClosePlan can function without Named Credential authentication, however some Administrative functionality will be prevented such as but not limited to:

  • Picklist Values will not be editable

  • Field creation will not be permitted, such as attempting to create a Custom Attribute in the ClosePlan Admin

  • Additional Administrative limitations can also occur

Work-around

For Orgs that cannot allow authentication for Named Credentials to remain active, the following work-around may be an alternative:

  • After Installing and configuring the ClosePlan app, and completing all required templates and settings needed for ClosePlan to function as needed, a Sys Admin can remove Named Credential authentication.

  • In the event that Administrative work needs to be done on ClosePlan (Such as create a Custom Attribute) Named Credentials can be authenticated temporarily, the work completed and then Named Credential authentication can be removed again.

Important Points:

  • ClosePlan updates and changes ONLY ClosePlan metadata.

  • ClosePlan does NOT touch the metadata of the Client organization.

  • Named Credentials must be authorized by the Sys Admin (which is defined by having Customize Application permission).

  • ClosePlan provides no bypass for a Standard User to edit or change Salesforce Metadata through the ClosePlan Admin feature.

    • The User must be a System Adminstrator with corresponding required permissions.

    • If the User is not a System Administrator with corresponding required permission, ClosePlan will prohibit modification of Metadata and display a message.

Note:

In Classic, Salesforce legacy behavior permits a direct call to metadata APIs. In Lightning, Salesforce changed the behavior to increase security.

** If a client or prospect requires any further clarification, please open a ticket at Support@People.ai

  • No labels