Versions Compared

Old Version 2

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

EmpowerID includes two Salesforce connectors – the standard connector and a SCIM connector – that organizations can use to bring the user data (user accounts, permissions sets, profiles and roles) in their Salesforce

...

domains to EmpowerID, where

...

that information can be managed and synchronized with data in any connected back-end user directories. Once connected, you can manage this data from EmpowerID in the following ways:

  • Account Management

    • Inventory user accounts

    • Create, Update and Delete user accounts

    • Enable and Disable user accounts

  • Group Management

    • Inventory groups

    • Inventory group memberships

    • Create groups

    • Add and Remove members to and from groups

...

Inventory Objects and their corresponding components in EmpowerID

Object in Salesforce

Component in EmpowerID

User

Account

Profile

Profile Group

User Role

Primary Role Group

Permission Set

SF Permission Set

User License

Group License

Permission Set Assignment

Group Account

Attribute Mapping

The below table shows the attribute mappings of Salesforce

...

objects to EmpowerID

...

.

Profile

Attribute in Salesforce

Attribute

...

in EmpowerID

...

...

ID

...

SystemIdentifier

...

Name

...

First Name of a user

...

LastName

...

LastName

...

Last Name of a user

...

Name

...

Name

...

Full Name of a user

...

Email

...

Email

...

Email address of a user

...

Phone

...

Telephone

...

Telephone number of a user

...

Title

...

Title

...

Job title of a user

...

IsActive

...

Active

...

Active status of a user

...

Department

...

Department

...

Department in which a user works

...

Company

...

Company

...

Company where a user works

...

City

...

City

...

City where a user is located

...

Country

...

Country

...

Country of user

...

ManagerId

...

ManagerPersonID

...

Name

UserLicenseId

GroupLicenseId

User Role

Attribute in Salesforce

Attribute in EmpowerID

ID

SystemIdentifier

Name

Name

Permission Set

Attribute in Salesforce

Attribute in EmpowerID

ID

SystemIdentifier

Name

Name

Permission Set Assignment

Attribute in Salesforce

Attribute in EmpowerID

AssigneeId

Converted to AccountID

PermissionSetId

Converted to PermissionSetGroupID

User License

Attribute in Salesforce

Attribute in EmpowerID

ID

LicenseIdentifier

Name

Name

User

Salesforce Attribute

EmpowerID Person Attribute

active

Active

ID

SystemIdentifier

Department

Department

Manager

ManagerPersonID

Street

StreetAddress

Alias

EmailAlias

city

city

Country

Country

Email

Email

Name

Name

LastName

LastName

FirstName

FirstName

ProfileId

ExtensionAttribute15

UserRoleId

ExtensionAttribute14

state

state

displayName

FriendlyName

Info

When EmpowerID inventories Salesforce, it creates an account in the EmpowerID Identity Warehouse for each Salesforce user, a group for each Salesforce profile, a group for each Salesforce role, and a group for each Salesforce permission set. EmpowerID distinguishes these groups from one another by group type. Groups created for Salesforce profiles have a group type of ProfileGroup (GroupTypeID of 15), while groups created for roles have a group type of PrimaryRoleGroup (GroupTypeID of 16). This information becomes important if you use EmpowerID to create users in Salesforce as each Salesforce user must have a profile

...

Step 1 – Create a Salesforce account store in EmpowerID

  1. On the navbar, expand Admin > Applications and Directories and then select Account Stores and Systems.

  2. On the Account Stores page, select the Actions tab and then click Create Account Store.

    Image Removed

  3. Under System Types, search for Salesforce.

  4. Click the Salesforce.com record to select the type and then click Submit.

    Image Removed

  5. On the Salesforce settings page that appears, fill in the following information

    1. User Name — Enter the username of the Salesforce account you created in Salesforce for EmpowerID.

    2. Password — Enter the password for the connection account.

    3. Service Account Token — Enter the value of the token generated by Salesforce for the selected user account.

    4. URL — Enter https://<YourSalesforceDomain>/services/Soap/c/34.0. Replace <YourSalesforceDomain> with the name of your Salesforce domain.

  6. When you have added your settings, click Submit to create the account store.

...

.

...

Insert excerpt
IL:

...

External Stylesheet
IL:

...

External Stylesheet
nopaneltrue

...

Now that the attribute flow has been set, the next steps include configuring the account store and enabling EmpowerID to inventory it.

Step 3 – Configure account store settings

On the Account Store and Resource System page for Salesforce, click the Account Store tab and then click the pencil icon to put the account store in edit mode.

...

Edit the account store as needed and then click Save to save your changes.

Next, enable the Account Inbox permanent workflow to allow the Account Inbox to provision or join the user accounts in Box to EmpowerID Persons as demonstrated below.

Tip

EmpowerID recommends using the Account Inbox for provisioning and joining.

Step 4 – Enable the Account Inbox Permanent Workflow

...

Step 5 – Monitor Inventory

...

stylefloat: left; position: fixed;

IN THIS ARTICLE

...

...

Next Steps

Connect to Salesforce

About the Salesforce SCIM Connector

Connect to Salesforce using the SCIM Connector - Requires an Azure Tenant