Salesforce Config

The purpose of this page is to document configuration of our instance of Salesforce at GitLab. This will serve as the go-to place to check in regards to questions on our general Salesforce configuration.

Salesforce Config

The purpose of this page is to document configuration of our SFDC org. This will serve as the “go-to” place to check in regards to questions on our general configuration.

Salesforce Provisioning

For roles that should automatically receive Salesforce access your account and permissions will be automatically created by Okta. For anyone else who needs Salesforce access for their job responsibilities, please open an Access Request.

Salesforce De-Provisioning

  • User Off-Boarding - Users will be automatically deactivated by OKTA based on off-boarding issues. If OKTA is not able to deactivate users, a systems issue will be created to unblock the dependency and system team members will manually deactivate the users.
  • Salesforce Licence Harvesting - User Management Team will run a monthly user report for last login > 60 Days. Based on the inactivity, users list will be provided to OKTA Team to de-activating users. Related AR issue will be created and the deactivated users will be communicated through Salesforce Licence Harvesting Slack Channel.
  • Service Account(s) - Service Account user will be manually de-activated by Systems Team and OKTA will not be able to de-provision integration user(s).

Salesforce Installed Packages

This has moved to the Internal Handbook

SFDC Certificates And Updating Expiring Certificates

Salesforce Certificates

Learn more about Salesforce Certificates and Keys here

Updating Expiring Certificates

The Salesforce knowledge base has a resource that addressed what to do and how to handle Expiring certificates. Currently in Salesforce our certificate is located in two places and needs to be updated in both. In order to update please follow the below steps and update in the following locations.

  • Create a new certificate by searching for Certificate and Key Management in setup. From there create a self-signed certificate and ensure that the options match the certificat you are replaceing. Please note that the information in the Certificate field will be slightly differnt between the old an new certificate. Then update the certificate in the following locations
    • SAML Single Sign-On Settings
      • To update the certificate here update the certificate in the Request Signing Certificate picklist. (Do not upload the Salesforce Created Certificate into the file Identity Provider Certificate)
    • Identity Provider
      • To update the certificate here update the certificate in the Label picklist

Critical SFDC Permissions

Critical Permission Systems Administrator Sales Operations All Other Profiles Permission Set Assigned to Individuals
Deploy Change Sets Yes No No No
Customize Application Yes No No No
Manage Users Yes Yes No Yes - Sales Comp Team

SFDC Backups

Our Salesforce Backup solution is Ownbackup. There compliance information is located here.

Last modified March 20, 2024: fix: Update links to "End User Services". (a68c0e2d)
View page source - Edit this page - please contribute. Creative Commons License