This guide outlines the Salesforce permissions required for the connected user to ensure Sweep functions properly across each Salesforce environment (Production, Sandbox, etc.).
For optimal performance and minimal configuration issues, we recommend assigning the connected user an Admin profile. If that's not feasible, the following sections detail the minimal required permissions needed for Sweep to operate as intended.
For the permissions needed for the Salesforce users see this article.
Required Licenses
Salesforce API Integration License (needed to assign Sweep Permission Set Group)
Required Permission Set Group
Sweep Funnels Permissions Group
Required Permissions
The below permissions can be added to a dedicated Permission Set or included in the Sweep Funnels User Permission Set.
General System Access
API Enabled (integration profile)
Modify Metadata Through Metadata API Functions
View Roles and Role Hierarchy
View Setup and Configuration
Customize Application
Manage Custom Permissions
Manage Profiles and Permission Sets
Reports and Dashboards
To create and manage reports and dashboards:
Create and Customize Dashboards
Create and Customize Reports
Create Report Folders
Report Builder
View Dashboards in Public Folders
Manage Dashboards in Public Folders
Run Reports
Edit My Dashboards
Create Dashboard Folders
Automations and Alerts
To support deployment and operation:
Author Apex (for Apex classes and triggers)
View All Data (for automation and integration access)
View Reports in Public Folders
View Event Log Files
Read and View access on all Standard and Custom Objects
If using sharing rules: Read/Edit access required
For fields like Date Arrive and Time in Step: Edit required for populated fields; Read access sufficient for others
Dedupe and Matching Permissions (subject to change)
Object Pair | Required Fields |
Lead to Lead | Lead.Name, Lead.Email, Lead.Duplicate_Record__c, Lead.Company, Lead.Status, Lead.CreatedDate, Users.Alias |
Lead to Contact | Lead.Name, Lead.Email, Lead.Duplicate_Contact__c, Lead.Company, Lead.Status, Lead.CreatedDate, Users.Alias |
Account to Account | Account.Name, Account.BillingState, Account.Phone, Account.Type, Account.Duplicate_Record__c |
Contact to Contact | Contact.Name, Account.Name, Contact.Title, Contact.Phone, Contact.Email, Contact.Duplicate_Record__c |
Case to Case | Case.CaseNumber, Case.Subject, Case.Duplicate_Record__c, Case.Status, Case.Name, Account.Name, Case.CreatedDate, Owner.Name |
Opportunity to Opportunity | Opportunity.Name, Account.Name, Opportunity.StageName, Opportunity.CloseDate, Opportunity.Amount, Opportunity.Type, Users.FullName |
AI Support
To enable Sweep AI features:
Custom Permission: Sweep.Enable_Sweep_AI_Support
Integrations
Access to External Credential:
externalCredentialPrincipalAccesses β Sweep__Sweep_External_Credential
User External Credential Access:
Ensure CRUD (Create, Read, Update, Delete) permissions are granted
Potential Limitations if Permissions Are Missing
Change Feed information
Object and Field visibility (used to generate field and object lists)
Funnel creation from templates (requires object and field permissions)
Importing Record Types
First deployment that creates triggers and test classes (requires CRUD permissions) - subject to future change
Fetching metadata or objects without the proper access
Field/Record Type creation when an existing field or record type with the same name is hidden from the user
Not Supported without Admin Profile
Email Templates: Not accessible to non Admin users