Salesforce - Permissions

This document covers information on what permissions the Popl integration with Salesforce uses.

Least Privilege

Our integration with Salesforce utilizes Role Based Access Controls (RBAC) which in turn uses the security principle of least privilege. Least privilege means that the enterprise app created by the integration has precisely the amount of privilege that is necessary to perform the and nothing more.

Permissions

The Salesforce integration uses the following permissions:

OAuth Scope Name

OAuth Scope Description

Reasoning

openid

Access unique user identifiers (openid)

This scope is used with OpenID Connect. It allows access to the user's unique identifier

api

Manage user data via APIs (api)

Grants access to the authenticated user's data via the Salesforce REST and SOAP APIs.

web

Manage user data via Web browsers (web)

Allows the app to use the web-based flow to authenticate the user and access Salesforce with consent, through the UI.

refresh_token

Perform requests at any time (refresh_token)

Allows the app to receive a refresh token to obtain new access tokens.

offline_access

Perform requests at any time (offline_access)

Allows the app to perform background tasks or long-running sessions without requiring re-login.

If any issues or questions, please contact us at [email protected], we are available nearly 24/7 and will get back to you within 6-8 hours or less.

With 🤍 from Popl.

PreviousSalesforce - Lead/Contact Sync Logic NextSalesforce Integration (Legacy)

Last updated 1 day ago