Skip to main content

Salesforce Users Permissions

Yahel Gaver avatar
Written by Yahel Gaver
Updated over 7 months ago

This guide outlines the field-level and feature-specific permissions required for Salesforce users in order for Sweep to function successfully.

For the permissions needed for the connected user see this article.

Base Guidelines

  1. Sharing Settings: Read/Edit access is required to interact with records according to sharing rules.

  2. Object Permissions: Vary by action. For example, the Create Record action requires the Create permission.

  3. User Role Visibility: To access the UserRole object, the permission View Roles and Role Hierarchy must be granted.

  4. Recommended Setup: Assigning the Sweep Permission Set Group (PSG) is recommended. If only the Sweep MP User Permission Set (included in PSG) is used, review the limitations listed at the end of this document.

Funnels

  • Read permission is required for all fields used in the funnel.

  • Edit permission is required for Data Management plugin fields (granted during deployment via the Sweep Funnel User permission set).

  • View Roles and Role Hierarchy permission is required if the User and Role are enabled in the Data Management plugin.

Rollups

Calculate on Every Child Object Update

  • Read permission: all referenced fields

  • Edit permission: rollup field

Scheduled Timing (runs as connected user)

  • Read permission: all referenced fields

  • Edit permission: rollup field (connected user must have this)

Automations, Alerts and Routing

Sweep Triggers

Mode

Date Arrive / Time in Step

Scheduled

Automation/Alerts/Assignments

User

  • Edit: fields being populated

  • Read: all other fields

  • Edit: fields being populated

  • Read: all other fields
    ​
    *Runs with connected user permissions.

System

-

-

Sweep Actions

Mode

Create/Update Record

Slack/URL/Webhooks

Assignments

User

  • Edit: fields being populated

  • Read: all other fields

  • Edit: fields being populated

  • Read: all other fields

  • User External Credential: Read and View

  • Edit: fields being populated

  • Read: all other fields

System

β€”

  • User External Credential: Read and View

β€”

Additional Requirements:

  • Assignment Groups: Read access for all fields used in group limits

  • Territories: Read access for all fields used in territories

Dedupe & Matching

Mode

Dedupe

Matching

Assignment

Slack and Webhooks

User

  • Filter Usage: Read permission

  • Manual Merge: Edit on Duplicate Record lookup field

  • Automated Merge: Edit all fields

  • Edit on Duplicate Record lookup field

  • Edit: fields being populated

  • Read: all other fields

  • Edit: fields being populated

  • Read: all other fields

  • User External Credential: Read and View

System

  • User External Credential: Read and View

AI Support

  • Custom Permission: Sweep.Enable_Sweep_AI_Support

  • User External Credential: Read and View permissions required

Slack/Teams permissions

See full article.

Dynamic Path

  • Edit permission is required if a user will populate fields through Dynamic Path

Limitations When Using Sweep MP User Permission Set Only

Using only the Sweep MP User Permission Set (without the full PSG) restricts access to several key Sweep-created components:

User Mode

  • Data Management plugin fields

  • Fields created from Sweep Templates (Funnels will not function if inaccessible)

  • Duplicate/Matching fields

  • Fields created through Sweep Field Management

  • Rollup fields created in Sweep

  • Record Types (Funnels) created in Sweep

System Mode

  • Data Management plugin fields

  • Fields created from Sweep Templates (Funnels will not function if inaccessible)

  • Rollup fields created in Sweep

  • Record Types (Funnels) created in Sweep

To avoid these issues, assign the full Sweep PSG.

Did this answer your question?