Proff Connect follows Salesforce's standard security model. This page covers the Salesforce-side of access control — who can use the app, what they can do, and how permissions are structured.
For information about API security and data protection, see 3. Security & Data Protection in the API Reference section.
Permission Set Groups
Proff Connect includes two Permission Set Groups that cover most use cases:
|
Permission Set Group |
Intended for |
|---|---|
|
Proff Connect Admin Group |
Administrators who manage the setup, API token, settings, and field mapping |
|
Proff Connect User Group |
Users who search, create, sync, or view company and contact data |
Recommendation: Always assign the Permission Set Group, not the individual Permission Set. This ensures users automatically inherit any new permissions added in future package upgrades.
Permission Sets
|
Permission Set |
Description |
|---|---|
|
Proff Connect Admin |
Full access to the app including token management, settings, and field mapping |
|
Proff Connect User |
General access to all user-facing features |
|
Proff Connect Insight Data |
⚠️ Required for all licensed users. Grants CRUD access to Company Insight and Contact Insight objects (see below) |
|
Proff Connect Create Account Manually |
Shows the "Create Manually" button in the Company Search component |
Proff Connect Insight Data – why it's needed
Company Insight and Contact Insight are custom objects with a Master-Detail relationship to Account and Contact. Due to Salesforce platform restrictions, CRUD access to these objects cannot be included in a standard managed package permission set.
To solve this, Proff Connect includes a post-install script that automatically creates the Proff Connect Insight Data permission set in your org with the correct access.
⚠️ Important: You must manually add this permission set to both Permission Set Groups after installation. All licensed users need it for the solution to work correctly with Insight data.
How to add it to your Permission Set Groups:
-
Go to Setup → Permission Set Groups
-
Open Proff Connect User Group
-
Click Permission Sets in Group → Add Permission Set
-
Select Proff Connect Insight Data and click Add
-
Repeat for Proff Connect Admin Group
Custom permissions
Proff Connect uses custom permissions to control access to specific actions:
Create Account Manually
Controls whether the "Create Manually" button is visible in the Company Search component. If not assigned, users can only create accounts via the Proff search flow — which helps keep CRM data clean and verified.
Remove Token
Controls whether the "Remove Token" button is visible in the Authentication Setup. Only your main Proff Connect administrator should have this. Even users with full Salesforce admin rights cannot remove the token without this specific permission.
Field-level and object-level security
Proff Connect fully respects your org's existing security model:
-
Object-level security (CRUD)
-
Field-Level Security (FLS)
-
Sharing rules and record ownership
-
Org-wide defaults
Users can only access, create, or update records and fields they already have permission for. If a permission is missing, the UI prevents the action and displays a safe error message.
Restricting access with Muting Permission Sets
If you need to restrict specific permissions for a subset of users within a group, use Muting Permission Sets inside the Permission Set Group.