Why does ClosePlan use Named Credentials?

What are Named Credentials?

Named Credentials is a feature in Salesforce introduced in their Spring ’15 release. Named Credentials relieves the need for hardcoded credentials within an organization’s Apex codebase.

Named Credentials eliminate the need to embed sensitive authentication information such as tokens or credentials and are one of the components used by ClosePlan to access Salesforce APIs.

ClosePlan needs Connected App, OAuth Provider and Named Credentials to access Metadata APIs, Tooling APIs, and UI APIs.

What we do with these APIs:

CloserPlan uses these APIs to access data that is not accessible with Apex.

ClosePlan uses Metadata to tweak configurations in a controlled way.

  • Example: Sales Process:

    • Which Sales Stage belongs to what Sales Process?

  • Example: Changing Picklist Values

    • Whenever a User updates the Relationship Map Picklist Values, several objects are updated at the same time. Additional Metadata related to those Picklist values are also defined.

  • ClosePlan maintains the state of the Metadata to avoid user errors like typos.

External Access to the System

ClosePlan Connected App does not provide any access to a Client Org under any circumstances.

In order for the the Connected Application to provide access, a 3rd party would need to have the Consumer Key, the Consumer Secret Key and would also need to be a User within the system with Login and Password.

Important Points:

  • ClosePlan updates and changes ONLY ClosePlan metadata.

  • ClosePlan does NOT touch the metadata of the Client organization.

  • Named Credentials must be authorized by the Sys Admin (which is defined by having Customize Application permission).

  • ClosePlan provides no bypass for a Standard User to edit or change Salesforce Metadata through the ClosePlan Admin feature.

    • The User must be a System Adminstrator with corresponding required permissions.

    • If the User is not a System Administrator with corresponding required permission, ClosePlan will prohibit modification of Metadata and display a message.

 

Note:

In Classic, Salesforce legacy behavior permits a direct call to metadata APIs. In Lightning, Salesforce changed the behavior to increase security.

 

** If a client or prospect requires any further clarification, please open a ticket at Support@People.ai