Permissions

4 minute read
  • Use predefined permission sets to control access to Emma for Salesforce.

  • Restrict what access users have within the Emma application.

  • Define the data users see in Salesforce via sharing rules and client configuration.

For most companies when you first install the application only system administrators will have full access. They can however assign one of our two predefined permission sets to other Salesforce users. The standard permission set allows a user to see our application, the full permission set gives an additional settings tab.

There is a tab called Emma which allows a person to access Emma without leaving Salesforce, for most companies all Salesforce users are allowed to access Emma without restriction. However, if you want to change that so some users see a restricted view then please review this Section.

The Emma tab will connect/display as the Emma user who initially connect the two systems. The Emma connecting user can be found on the general settings tab within the sync page.  

Emma for Salesforce includes custom objects to store Emma data in Salesforce records.These obey standard Salesforce security and ownership rules. If you want a Salesforce user to have access to our application but want to control the records they see please check out this Section.

Salesforce platform users are generally not supported due to their limited license type. Platform user lack access to standard Salesforce marketing features and objects. This means automation, for example our import wizard, will not run under that user type.

Adding a permission set

There are two types of permission set. Standard access which gives a user access to all features excluding settings. Full access which gives a user access to all settings as well as all features.

  1. In Salesforce go to the Emma admin app.

  2. Click on the General settings tab.

  3. Then select User security.

  4. Search and select for the user(s) you want to assign the permission set to.

  5. Click the Edit permissions button.

  6. Select the Standard or full access option and click Assign permission set.

If you cannot see the Emma app in Salesforce, you can manually add yourself to the permission set in Salesforce.

1. Setup, users, permission sets.
2. Select Emma full access manage assignments.
3. Add assignments.

Removing a permission set

  1. In Salesforce go to the Emma admin app.

  2. Click on the General settings tab.

  3. Then select User security.

  4. Search and select for the user(s) you want to assign the permission set to.

  5. Click the Edit permissions button.

  6. Select the None and click Assign permission set.

If a user does not have access to either permission set then automation will not be triggered. So for example if a record is updated by a user who does not have a permission set our products triggers will not fire.

Salesforce site user

The Salesforce site user runs different permissions to a normal Salesforce user. If you are using the process builder with transactional emails or directly calling into sites from an external website, then you may need to perform the following steps:

  1. Click Setup.

  2. In the search box type in sites and then click on Sites.

  3. Click on the value under the site label (i.e. the name you gave to the site).

  4. Click on the button Public access settings (at the top of the page). This will open the profile for the site user.

  5. Click on the button Assigned users (sometimes called 'View users').

  6. Click on the Full name (i.e. the name under the label - something like site guest user).

  7. Click on Permission set assignments.

  8. Edit assignments and add the Emma for Salesforce set.

  9. This assigns the Emma for Salesforce related objects (i.e. queue items).

Updating site user security settings is an advanced topic and requires a deep understanding of Salesforce security.

Restricting Record Access Within Salesforce

When an Emma account is added to Salesforce it will appear in the connected accounts table. Within this table we also show the Salesforce Security Owner. The Salesforce Security Owner is the user in Salesforce records will be created as for this particular Emma account. If you want to restrict access so a user or a group of users can only see Salesforce records for a specific Emma account you can use standard Salesforce security and sharing rules. The first step is to ensure that the records being created belong to one of the users you want to see the records. You can change the Salesforce Security Owner via the settings tab.
When the Emma records belong to the specific Salesforce Security Owner you can then use standard Salesforce security to make the following Emma objects private:

1. Emma Account
2. Emma Audience
3. Emma Group
4. Emma Mailing
5. Emma Mailing History
6. Emma Mailing Link

Once these objects are private on the Salesforce Security Owner (Salesforce Record Owner) will be able to see them. You can then extend access to other users via sharing rules.

Standard Salesforce security like sharing rules are not something we actively suppor. Salesforce security is a standard platform feature and needs to be configured by your Salesforce Administrator or consulting partner.

Next Steps

Below are two articles that are recommended reading and the best next steps.

FAQs

How do I manage billing?

How do I change Salesforce sync user?

How can I manage storage?

Is there any personally identifiable information passed across?

Are there any API limits?

How do I perform a full sync?

What happens when a person unsubscribes?

In this article