PhenixID

PSD1076 – Automatic User Provisioning to Salesforce.com

Fact

  • PhenixID Identity Provisioning 3.4.24321 or later
  • Provisioning to Salesforce.com

Situation

Use the Identity Provisioning to setup automatic user provisioning to Salesforce.com This document will show the steps that are necessary to configure Identity Provisioning to automatically provision (create) information for Salesforce.com users.

Solution

Download and install the action package

Download the zip file: SalesforceActionPackage.zip For instruction of how to install the action package, read PSD1149.

Configure the action

Locate the new Salesforce provisioning Action: Create a new instance of the action: The parameters for the Salesforce provisioning Action:

Parameter

Description

Salesforce.com Administrator Username

The Salesforce.com admin account. Example: admin@mycompany.com. Leave blank to use the session attribute “salesforceAdminUsername” in the first Session Object. Supports GLOBAL parameters.

Salesforce.com Administrator Password

The Salesforce.com admin password and Security, token combined (passwordToken). Leave blank to use the session attribute “salesforceAdminPassword” in the first Session Object. Supports GLOBAL parameters.

Create Users (true/false)

If users should be created.

If set to false then only a check if user exists will occur (the “username” attribute must exist). Default value: true

Session Attributes to Include

The session attributes to include when creating a Salesforce user.

Use rename mapping to rename the attribute. Example: sessionAttributeName|SalesforceName, like: givenName|Firstname.

The following attributes are mandatory: UserName, FirstName, LastName, Email, Alias, TimeZoneSidKey, LocaleSidKey, EmailEncodingKey, ProfileId, LanguageLocaleKey.

Generalized Time is used as Date/Time format, yyyyMMddHHmmss.0Z or yyyyMMddHHmmssZ. Example: 20121008135659.0Z. Use yyyy-MM-dd for date attributes.

Session Attributes to Exclude

Any session attributes to exclude from provision to the Salesforce user

Attribute to Set if Sync or Check has Occurred

The attribute to set to either ADD or EXIST if a sync or a check was successful. Example: SF_STATUS

Set Password Attribute

If the password should be set. Select the session attribute that contains the password. (If using Session Attributes to Exclude, this attribute should be specified in the exclude attribute list)

Disable User (false/true)

If users in the session objects should be disabled (inactivated) in Salesforce.com, requires username attribute. If this option is set to true, it will override any create or check operation. (Default value: false)

Enable User (false/true)

If users in the session objects should be enabled (activated) in Salesforce.com, requires username attribute. If this option is set to true, it will override any create or check operation. Default value: false

Update User (false/true)

If users in the session objects should be updated in Salesforce.com, requires username attribute. If this option is set to true, it will override any create or check operation. Session Attributes to include or exclude will be used. Default value: false

(Optional) SOAP URL (Version 27)

Set another URL for the web services call. Example: https://test.salesforce.com/services/Soap/u/27.0 for the sandbox

(Optional) Error Message Attribute

If an error occurs, put any error message into this attribute. Leave blank to ignore.
Remember that the following user attributes MUST be included when creating a user in Salesforce.com:

Parameter

Example

Username

john.doe@company.com

FirstName

John

LastName

Doe

Email

john.doe@company.com

Alias

jdoe

(Max 8 characters)

TimeZoneSidKey

Europe/Paris

LocaleSidKey

sv_SE

EmailEncodingKey

ISO-8859-1

ProfileId

Standard User

(The module will automatically resolve the profile id from a profile name)

LanguageLocaleKey

sv
For both ProfileId and the optional UserRoleId the module will automatically resolve the id from a name.
DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID - support.phenixid.se