• Use predefined permission sets to control access to Campaign Monitor for Salesforce.

  • Restrict what access users have within the Campaign Monitor application.

  • Define the data users see in Salesforce via sharing rules and client configuration.

For most companies when you first install the application only system administrators will have full access. They can however assign one of our predefined permission sets to other Salesforce users. See the permissions set section below for details on the different sets we provide.

There is a tab called Campaign Monitor which allows a person to access Campaign Monitor without leaving Salesforce, for most companies all Salesforce users are allowed to access Campaign Monitor without restriction. However, if you want to change that so some users see a restricted view then please review this Section.

The Campaign Monitor tab will connect/display as the Campaign Monitor user who initially connect the two systems. The Campaign Monitor connecting user can be found on the general settings tab within the sync page.  

Campaign Monitor for Salesforce includes custom objects to store Campaign Monitor data in Salesforce records.These obey standard Salesforce security and ownership rules. If you want a Salesforce user to have access to our application but want to control the records they see please check out this Section.

It is important than when connecting Campaign Monitor to Salesforce the user has full access permissions. This article explains how Campaign Monitor permissions work -

Permission Sets

The first thing to note is permission set are a standard Salesforce feature. A set is additative this just means that it will give a user extra permissions. To help we have provided some permission sets to help with different use cases.

1. Limited Access

This set provides access to our objects and allows code and triggers to run. It does not allow the user to see any part of our product in Salesforce.

This is useful if you want users that are edit or adding Salesforce records but don't need to see Campaign Monitor for Salesforce.

2. Standard Access
This set is similar, and gives all the features above, to the limited permission set but gives the user access to also see our application .

This is the most popular permission set for people that want to use our application but that should not have access to our Admin app which allows you to make changes to settings.

3. Full Access
This set is the same as standard but it also gives access to our Campaign Monitor for Salesforce Admin App.  This allows a user to make various setting changes.

4. Guest Access
Salesforce as of Spring 21 have made significant security changes to how the Salesforce Guest User accounts work. This set is specially designed so that you can apply it against Salesforce Guest Access users.

Adding a permission set

How to add permission sets.

  1. In Salesforce go to the Campaign Monitor admin app.

  2. Click on the General settings tab.

  3. Then select User security.

  4. Search and select for the user(s) you want to assign the permission set to.

  5. Click the Edit permissions button.

  6. Select the Standard or full access option and click Assign permission set.

If you cannot see the Campaign Monitor app in Salesforce, you can manually add yourself to the permission set in Salesforce.

1. Setup, users, permission sets.
2. Select Campaign Monitor full access manage assignments.
3. Add assignments.

Removing a permission set

  1. In Salesforce go to the Campaign Monitor admin app.

  2. Click on the General settings tab.

  3. Then select User security.

  4. Search and select for the user(s) you want to assign the permission set to.

  5. Click the Edit permissions button.

  6. Select the None and click Assign permission set.

If a user does not have access to either permission set then automation will not be triggered. So for example if a record is updated by a user who does not have a permission set our products triggers will not fire.

Security Rules

Security rules allows you to automate managing Campaign Monitor for Salesforce Permission Sets based on Salesforce profiles.

The rules will automatically add and remove Salesforce users from the permission sets by using the Run & schedule button. This will run the rules instantaneously and schedule them to be run in the background every 12 hours.

The common use case for this is to automatically assign the Limited access permission set to general Salesforce users who don't need to directly interact with Campaign Monitor. The Limited Access permission set allows Salesforce users to access to the underlying processes required to perform actions such as renaming an email and have it reflect in Campaign Monitor, or push field mappings to Campaign Monitor - but without seeing any Campaign Monitor screens within Salesforce.

Access to the Campaign Monitor tab

The Campaign Monitor tab allows you to access Campaign Monitor as if you logged into the application directly (i.e. single sign on).

Salesforce users who have access to the tab will view it as the connected user which can be found via sync settings within our general settings tab. If you’d prefer a Salesforce user has a restricted view you can set an override user in Salesforce for that person.  
An override user is another Campaign Monitor user that has a different access to the connected user.  It is worth noting that you can link Salesforce users to the same user in Campaign Monitor. This avoids the need to setup lots of Campaign Monitor users.  In the context of the integration think of a Campaign Monitor user as a Salesforce profile.

Direct Campaign Monitor account
This is the most common type of Campaign Monitor account. The account can have one or more users linked to a Salesforce user to restrict what they can do in Campaign Monitor. See the section below on adding an override user.

Agency Campaign Monitor account
Some customers will either be part of a marketing agency, or a large company that uses this style of account. An agency account allows a company to have a parent Campaign Monitor client and linked sub clients beneath. In this case you may want to limit Salesforce users to a particular Campaign Monitor client and/or with limited permissions. Campaign Monitor's security model is quite different to Salesforce's. In terms of the integration you can think of a Campaign Monitor user more like a Salesforce profile. It is possible to create one Campaign Monitor user that has access to a client with either full, standard or custom permissions and link it to many Salesforce users.

Due to limitation on the Campaign Monitor API you will only see the administrator that setup the integration, we will not show other administrators.

The ideal setup is to have Campaign Monitor users created for each client in the agency that you need access to. Simply use the same email address when creating those users. They will then appear when linking Campaign Monitor users to Salesforce users.

Adding the override user

  1. In Salesforce go to the Campaign Monitor admin app.

  2. Click on the General settings tab.

  3. Then select User security.

  4. Search and select for the user(s) you want to assign the permission set to.

  5. Click the Link Campaign Monitor user button.

  6. Select the Campaign Monitor client.

  7. Select the Campaign Monitor user, if you don't have a user you can create one by clicking Create new Campaign Monitor user.
    If you don't see the Campaign Monitor user, check:
    a) they have the "Limit account access" checkbox checked (along with the extra permissions they need.)
    b) they are not an admin user (if using an Agency account).

  8. If you have selected a Campaign Monitor user or created a new one you just need to click the Link user button.

Records created within Salesforce are controlled by the Campaign Monitor client record. Adding a Salesforce user will assign the client and all related records.  This enables you to use Salesforce security controls to make records private or make visible to a group with sharing rules.

Restricting record access within Salesforce

When the primary sync runs, the Salesforce owner records created by the sync will be set to the connected user, you can see who this is via the general settings tab under sync settings.

The Salesforce record owner can be changed by going to a Campaign Monitor client record (usually there is only one, but if you have sub clients in Campaign Monitor there will be many) and entering a Salesforce username under the field named Salesforce user. This will then update the ownership of the Campaign Monitor client record and going forward will update related records:

  1. Subscriber list.

  2. Subscriber list member.

  3. Email tracking history.

If you would like this change to affect all related records then you need to perform a full refresh.

Salesforce site user

External security is a complex topic and may require assistance from your Salesforce admin or one of our partners.

As of Spring 21, Salesforce are making potentially breaking changes to how Guest access works. By default the guest user can no longer update or delete rows in Salesforce. You can read more on this via their support site: Guest User Security Policies and Timelines

The Salesforce site user runs different permissions to a normal Salesforce user. If you are using the process builder with transactional emails or directly calling Salesforce from an external website (using Sites), then you may need to assign the site user our Campaign Monitor - Guest Access permission set.

The Guest Access permission set can be added via the User Security screen (see: Adding a permission set).

Alternatively, you can manually add the permission set using the steps below.

  1. Click Setup.

  2. In the search box type in sites and then click on Sites.

  3. Click on the value under the site label (i.e. the name you gave to the site).

  4. Click on the button Public access settings (at the top of the page). This will open the profile for the site user.

  5. Click on the button Assigned users (sometimes called 'View Users').

  6. Click on the Full name (i.e. the name under the label - something like site guest user).

  7. Click on Permission set assignments.

  8. Edit assignments and add the Campaign Monitor - Guest Access permission set (this permission set only allows creation of new records and reading of some records).

  9. This assigns the Campaign Monitor for Salesforce related objects (E.g. queue items).

As of Spring 21, triggering automatic subscriptions/subscriber rules via a guest user may not work in some cases (given update and delete are no longer supported).

If your code or transactional setup also read and writes to other Salesforce objects then the sharing settings need to be enabled for external access to the root object that is used by any transactional emails or your code (i.e. opportunity, account, contact):

  1. Navigate to security controls, then select sharing settings, finally click edit.

  2. Set default internal access and default external access to public read only (for contact, you typically need to do this at the account level).

If you have enabled tasks with transactional emails, you may also need to set the sharing settings for tasks (i.e. activity) to be controlled by parent.

In this article