Salesforce Config
Salesforce Config
The purpose of this page is to document configuration of our SFDC org. This will serve as the “go-to” place to check in regards to questions on our general configuration.
Salesforce Provisioning
For roles that should automatically receive Salesforce access your account and permissions will be automatically created by Okta. For anyone else who needs Salesforce access for their job responsibilities, please open an Access Request.
Salesforce De-Provisioning
- User Off-Boarding - Users will be automatically deactivated by OKTA based on off-boarding issues. If OKTA is not able to deactivate users, a systems issue will be created to unblock the dependency and system team members will manually deactivate the users.
- Salesforce Licence Harvesting - User Management Team will run a monthly user report for last login > 60 Days. Based on the inactivity, users list will be provided to OKTA Team to de-activating users. Related AR issue will be created and the deactivated users will be communicated through
Salesforce Licence Harvesting
Slack Channel. - Service Account(s) - Service Account user will be manually de-activated by Systems Team and OKTA will not be able to de-provision integration user(s).
Salesforce Installed Packages
This has moved to the Internal Handbook
SFDC Certificates And Updating Expiring Certificates
Salesforce Certificates
Learn more about Salesforce Certificates and Keys here
Updating Expiring Certificates
The Salesforce knowledge base has a resource that addressed what to do and how to handle Expiring certificates. Currently in Salesforce our certificate is located in two places and needs to be updated in both. In order to update please follow the below steps and update in the following locations.
- Create a new certificate by searching for
Certificate and Key Management
in setup. From there create a self-signed certificate and ensure that the options match the certificat you are replaceing. Please note that the information in theCertificate
field will be slightly differnt between the old an new certificate. Then update the certificate in the following locations- SAML Single Sign-On Settings
- To update the certificate here update the certificate in the
Request Signing Certificate
picklist. (Do not upload the Salesforce Created Certificate into the fileIdentity Provider Certificate
)
- To update the certificate here update the certificate in the
- Identity Provider
- To update the certificate here update the certificate in the
Label
picklist
- To update the certificate here update the certificate in the
- SAML Single Sign-On Settings
Critical SFDC Permissions
Critical Permission | Systems Administrator | Sales Operations | All Other Profiles | Permission Set Assigned to Individuals |
---|---|---|---|---|
Deploy Change Sets | Yes | No | No | No |
Customize Application | Yes | No | No | No |
Manage Users | Yes | Yes | No | Yes - Sales Comp Team |
SFDC Backups
Our Salesforce Backup solution is Ownbackup. There compliance information is located here.
bc83f2be
)