I am trying to create a Person Account in Salesforce via Mule4 Salesforce connector but I can only see the Standard Account object and its field in the connector. I tried using standard Account but Person Account fields are not visible in it.
Do I need to enable something?
Related
I have a Microsoft Teams tab app and I'm using SSO for authentication. My users are both native and guests. My requirement is to show different screens depending on the type of incoming user (native/guest), so I have to identify the user type first. To ensure security, I first obtain the id token for the incoming user and then validate it first before identifying the user type. Is there any reliable way to identify the incoming user type with just the id token? I don't trust the info in tab context.
If you don't want to use Microsoft Graph API, you could add all the guest user into a security Group and include Groups claim in your token as instructed here. You just need to modify the "groupMembershipClaims" field in application manifest:
"groupMembershipClaims": "SecurityGroup"
Then the ID token will contain the Ids of the groups that the use belongs to like below :
{
"groups": ["1ce9c55a-9826-4e32-871c-a8488144bb32"]
}
You can also Add app roles in your application and receive them in the token.
You can use microsoft graph api(beta) get user.
https://graph.microsoft.com/v1.0/users/{id | userPrincipalName}
If the id token contains objectId of the user, just put the objectId as the parameter of this api. In the response, we can find an attribute userType. The value of this attribute could be Member or Guest.
If the id token doesn't contain objectId of the user, just contains email. We can also put it as the parameter in the graph api, but if the email is a guest user, the api will not get response data. So I asked you if it contains objectId in the comments.
By the way, the attribute userType just exists in the beta version of microsoft graph api but not exist in the v1.0 version microsoft graph api. So if you're not comfortable with beta version, I suggest to use Azure AD graph api(get user) instead of Microsoft graph api.
Hope it helps~
I have a custom attribute EmployeeNumber in AD, while creating CRM users when I write UserName for e.g Imran.Ahmed it automatically fetches some information from AD and fills form with that information ie first name, last name and phone number etc. Now I have added one more field in CRM to store Employee number in CRM. But CRM is not fetching it from AD.
How can I get information of custom attribute EmployeeNumber from AD to CRM form? I have been searching on internet and found some links that are saying that we have to write a plugin or call Javascript from CRM form but is there any way through which I can automatically get information from AD?
I am not aware of any AD side configurations to sync extra columns into CRM system user record. Or how to add more data to pull in the platform service when you tab out the username. Am sure you are not gonna get that information/control over that integration from Product team.
You can try this codeplex solution by reverse engineering/extending it to achieve the requirement. Or some Graph API calls to achieve it in some timely jobs.
We have our internal HR system to read/sync such data using SSIS + Kingswaysoft connector into CRM.
I'd like to have multiple salesforce "apps" in okta, each configured with provisioning. There will be a "base" one which actually provisions the base salesforce account. But then I want additional salesforce "apps" configured in okta which just provision (or remove) additional permission sets - adding or removing permission sets to the base account. These permission sets represent granting or revoking access to custom force.com apps hosted in the same salesforce org.
I have tried doing this using the following mapping:
Okta User Profile / user
Arrays.add(salesforce_1.publicGroups,'My perm set')
maps to:
Salesforce.com (add my perm set) / appuser
salesforceGroups
the idea being that the above would just add the "my perm set" permission set to whatever permission sets the salesforce account already has.
but its giving me the following error:
Unable to resolve salesforce_1 in expression Arrays.add(salesforce_1.publicGroups,
'My perm set'). Attributes from the same profile cannot be mapped to each other.
I'm also not seeing where I would have the opportunity to configure the deprovisioning logic... which would be:
Arrays.remove(salesforce_1.publicGroups,'My perm set')
Is there any way to achieve what i'm trying to do here?
The provisioning in Okta is tied to a named account in SFDC. What you are trying to do will not work because each SFDC app in Okta will provision or deprovision the actual SFDC account of the user. You can't really split things up as you've intended within Okta.
You will need to rely on updating the user profile in a single okta app instance - keeping track of the consolidated permissions needed each time you update the user to make sure "all the permissions" governing "all the custom force apps" are captured.
Logical Question
Backend implementation
I am implementing User Management Module in Web application. I have three table User, Role and UserInterce. The user table has ManyToMany relationship with role table and Role table has ManyToMany relationship with User Interface table. So whenever Server return user object, the system will verify it's role and that role has access right to which user interface.
this is background overview of backend implementation.
Front End implementation
Whenever user login into the system,server will return user object. I want to implement access control in form basis. e.g. emp role do not have access right to add button where admin role has access right to add button. To implement form based access control i would require to create another table at server side which has information about ui fields and that will be has relationshiop with User Interface table.
can some one provide better way of doing same thing logically ?
If you don't need to have possibility to edditing role's permissions in runtime, the best way is to use spring JSP tag library and build your frontend using spring security tags
http://docs.spring.io/spring-security/site/docs/3.0.x/reference/taglibs.html
Otherwise, using some table for storing your permisssions is the only option to do that
I have a problem that no one has been able to help with yet.
I have created a "Send Agreement" Account button in Salesforce that is linked to my default Docusign template ID using their DST command. This works, but what I need to do is to pull the signers (contacts) who need to sign the document based off of a custom field named, "Signing Role". The button should pull only those account contacts who have a signing role defined in their respective contact records.
Can anyone help?
Thanks in advance!!
Shaun
You can filter out the signers based on their Contact Role by using the custom button parameters CCRM and CCTM.
Say that you have several Contact Roles in an Opportunity, but you only want to pull out those contacts with role Business User. The partial script might look something like this:
// CCTM Maps Salesforce Role with a DocuSign TYPE (Signer, Carbon Copy, etc.)
// CCRM Maps Salesforce Role with a DocuSign ROLE (Signer 1, Signer 2, etc.). Usually used with DTS to call template
CCTM=’Business User~Signer’;
CCRM=’Business User~Signer 1’;
So the code above implies that the Business User will be Signer 1 and will act to sign the document. If he is using a custom field SigningRole created in Opportunity to determine the role, it might look look something like this:
CCTM=’{!Opportunity.SigningRole}~Signer’;
CCRM=’{!Opportunity.SigningRole}~Signer 1’;