You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Skip to end of banner
Go to start of banner

Salesforce Connector

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

EmpowerID includes a Salesforce connector that allows organizations to bring the user data (user accounts, permissions sets, profiles and roles) in their Salesforce domain to EmpowerID, where it can be managed and synchronized with data in any connected back-end user directories. Once connected, you can manage this data from EmpowerID in the following ways:

  • Account Management

    • Inventory user accounts

    • Create, Update and Delete user accounts

    • Enable and Disable user accounts

  • Group Management

    • Inventory groups

    • Inventory group memberships

    • Create groups

    • Add and Remove members to and from groups

Inventory Objects and their corresponding components in EmpowerID

Object in Salesforce

Component in EmpowerID

User

Account

Profile

Profile Group

User Role

Primary Role Group

Permission Set

SF Permission Set

User License

Group License

Permission Set Assignment

Group Account

Attribute Mapping

The below table shows the attribute mappings of Salesforce objects to EmpowerID.

Profile

Attribute in Salesforce

Attribute in EmpowerID

ID

SystemIdentifier

Name

Name

UserLicenseId

GroupLicenseId

User Role

Attribute in Salesforce

Attribute in EmpowerID

ID

SystemIdentifier

Name

Name

Permission Set

Attribute in Salesforce

Attribute in EmpowerID

ID

SystemIdentifier

Name

Name

Permission Set Assignment

Attribute in Salesforce

Attribute in EmpowerID

AssigneeId

Converted to AccountID

PermissionSetId

Converted to PermissionSetGroupID

User License

Attribute in Salesforce

Attribute in EmpowerID

ID

LicenseIdentifier

Name

Name

Salesforce Attribute

SCIM Attribute (For SCIM Connector Version)

EmpowerID Person Attribute

active

active

Active

ID

SystemIdentifier

Department

['urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'].['department']

Department

Manager

['urn:ietf:params:scim:schemas:extension:enterprise:2.0:User']['manager']['value']

ManagerPersonID

Street

addresses[?(@.type=='work')].streetAddress

StreetAddress

Alias

Alias

EmailAlias

city

city

Country

country

Country

Email

emails[?(@.type=='work')].value

Email

Name

Name

LastName

LastName

FirstName

FirstName

ProfileId

ExtensionAttribute15

UserRoleId

ExtensionAttribute14

state

state

displayName

FriendlyName

When EmpowerID inventories Salesforce, it creates an account in the EmpowerID Identity Warehouse for each Salesforce user, a group for each Salesforce profile, a group for each Salesforce role, and a group for each Salesforce permission set. EmpowerID distinguishes these groups from one another by group type. Groups created for Salesforce profiles have a group type of ProfileGroup (GroupTypeID of 15), while groups created for roles have a group type of PrimaryRoleGroup (GroupTypeID of 16). This information becomes important if you use EmpowerID to create users in Salesforce as each Salesforce user must have a profile.


Next Steps

Connect to Salesforce

SCIM Connector - Requires an Azure Tenant

About the Salesforce SCIM Connector

  • No labels