Topic

This article will show you how to limit the access of the account used to discover the Salesforce objects (entities), so that K2 only discovers the objects that the account has access to. It can also be useful if you want to restrict the number of objects that K2 discovers and generates Service Objects for, when registering or refreshing the Salesforce service instance.

Warning: Not all Salesforce objects can be limited down with this procedure. Certain Salesforce objects such as AcceptedEventRelation, ActionLinkGroupTemplate, etc.. are internal Salesforce objects (non standard objects) and can't be applied via this method.

In some cases, there are extra field-level security permissions in Salesforce and you might want to set it there too when assigning permissions for Salesforce objects.

Instructions

Using Salesforce Administrator account, we can make a clone of a Salesforce Standard User Profile and use it to limit down the Salesforce objects. This profile will apply to the account that is going to use in K2 integration. Doing it this way will not have an impact to the out-of-the box Salesforce profile. 

Salesforce Setup > Administration > Profiles

Go to your new Profile (i.e. My Standard User) and edit the Profile.

Scroll down to the Standard Object Permission section of the profile and uncheck the Salesforce objects. In this example, I only allow Case entity to show up in K2.

After that, it's just a matter of applying the new profile to the account that you want to integrate with K2.

Go through the Salesforce integration in the K2 documentation with the account that has the new Salesforce profile.

Additional Information

Related Links

https://help.nintex.com/en-US/k2cloud/userguide/current/default.htm#K2-Management-Site/Features/Salesforce.htm

https://help.salesforce.com/articleView?id=sf.bi_security_salesforce_object_field_levels_control_access.htm&type=5