There are two packaged EDQ Permission Sets you need to assign users to, as well as an individual permission to be configured for non-admin users to use External Credentials.

Assigning users to Permission Sets

Users should be assigned to one of the two EDQ Permission Sets that are packaged with the application. This includes system administrators who will be configuring the application as well as end users who will be performing validations using the application's components.

  • EDQ Admin: Assign this Permission Set to all users that require administrative access to all EDQ objects and settings.

  • EDQ Non-admin: Assign this Permission Set to all other end users who will be utilizing the EDQ components. This gives them the lowest level of access required for the four objects listed below that come with the application:

    • EDQ Error Logs – Read and Create permissions necessary to work with any errors generated by the application
    • EDQ Logs – Read, Create and Edit permissions necessary to work with the logs used to store the result of our Validation API calls
    • EDQ Profile Settings – Read permission to check whether the user profile has been granted permission to perform address/email/phone validation or retrieve enriched address data
    • EDQ State Settings – Read permission to the EDQ State objects used to facilitate the integration with Salesforce State Picklists

Note that the tabs for the four EDQ objects listed above as well as EDQ Global Settings are all set to Hidden for the EDQ Non-admin Permission Set, as end users aren't required to see or control these objects and settings.

The steps to assign a permission set are as follows:

  1. Go to the Setup screen and type Permission Sets in the Quick Find box and select it.

  2. Click either the EDQ Admin or EDQ Non-admin permission set.

  3. Click Manage Assignments.

  4. Click the Add Assignment button.

  5. Tick your chosen users and click Next.

  6. Choose your preferred expiration date for the assigned users and click Assign to see an Assignment Summary.

  7. Click Done.

Enabling User External Credentials

To make use of the External Credentials configured later in this setup process users must have Read, Create, Edit and Delete permissions for the User External Credentials Object Setting.

System Administrators have this permission by default, but any non-admin users who will be interacting with EDQ components will need to have this configured manually. You are free to apply this permission in a way that is appropriate to your own custom profile/permission set configuration, by following the instructions provided by Salesforce, but below we have detailed the example steps necessary for the permission set-based method:

  1. Go to the Setup screen and type Permission Sets in the Quick Find box and select it.

  2. Click the New button to create a new permission set.

  3. Give it the Label EDQ User External Credentials and the API Name will be populated automatically.

  4. Click Save.

  5. Within the Apps section click Object Settings.

  6. Scroll down and click User External Credentials.

  7. Click Edit.

  8. Enable Read, Create, Edit and Delete permissions and click Save.

  9. Click Manage Assignments and add an assignment for all appropriate non-admin users.