No ratings

How to use Salesforce permissions to limit access of K2 account when integrating with Salesforce.


This article will show you how to limit the access of the account used to discover the Salesforce objects (entities), so that K2 only discovers the objects that the account has access to. It can also be useful if you want to restrict the number of objects that K2 discovers and generates Service Objects for, when registering or refreshing the Salesforce service instance.


Warning: Not all Salesforce objects can be limited down with this procedure. Certain Salesforce objects such as AcceptedEventRelation, ActionLinkGroupTemplate, etc.. are internal Salesforce objects (non standard objects) and can't be applied via this method.


In some cases, there are extra field-level security permissions in Salesforce and you might want to set it there too when assigning permissions for Salesforce objects.

Image 322.png



Using Salesforce Administrator account, we can make a clone of a Salesforce Standard User Profile and use it to limit down the Salesforce objects. This profile will apply to the account that is going to use in K2 integration. Doing it this way will not have an impact to the out-of-the box Salesforce profile. 

Salesforce Setup > Administration > Profiles

Image 311.png


Go to your new Profile (i.e. My Standard User) and edit the Profile.


Image 312.png


Scroll down to the Standard Object Permission section of the profile and uncheck the Salesforce objects. In this example, I only allow Case entity to show up in K2.

Image 313.png


After that, it's just a matter of applying the new profile to the account that you want to integrate with K2.

Image 314.png


Go through the Salesforce integration in the K2 documentation with the account that has the new Salesforce profile.

Image 320.png

Additional Information



Related Links

Labels: (3)
Version history
Last update:
‎03-15-2022 08:09 AM
Updated by: