Data Quality user documentation | Assign permissions

There are two packaged EDQ Permission Sets you need to assign users to, as well as an individual permission to be configured for non-admin users to use External Credentials.

Assigning users to Permission Sets

Users should be assigned to one of the two EDQ Permission Sets that are packaged with the application. This includes system administrators who will be configuring the application as well as end users who will be performing validations using the application's components.

EDQ Admin: Assign this Permission Set to all users that require administrative access to all EDQ objects and settings.
EDQ Non-admin: Assign this Permission Set to all other end users who will be utilizing the EDQ components. This gives them the lowest level of access required for the four objects listed below that come with the application:
- EDQ Error Logs – Read and Create permissions necessary to work with any errors generated by the application
- EDQ Logs – Read, Create and Edit permissions necessary to work with the logs used to store the result of our Validation API calls
- EDQ Profile Settings – Read permission to check whether the user profile has been granted permission to perform address/email/phone validation or retrieve enriched address data
- EDQ State Settings – Read permission to the EDQ State objects used to facilitate the integration with Salesforce State Picklists

Note that the tabs for the four EDQ objects listed above as well as EDQ Global Settings are all set to Hidden for the EDQ Non-admin Permission Set, as end users aren't required to see or control these objects and settings.

Non-admin permissions implementation

The use of our EDQ Non-admin Permission Set is optional, but without it, the permissions above must be configured manually. It represents our requirements for configuring permissions for a typical non-admin user, but you are of course free to use your existing Profiles or Permission Sets and update them to include our requirements.

The steps to assign a permission set are as follows:

Go to the Setup screen and type Permission Sets in the Quick Find box and select it.
Click either the EDQ Admin or EDQ Non-admin permission set.
Click Manage Assignments.
Click the Add Assignment button.
Tick your chosen users and click Next.
Choose your preferred expiration date for the assigned users and click Assign to see an Assignment Summary.
Click Done.

Configuring the permission to use External Credentials

New requirement since Winter '23

The Winter '23 release of Salesforce introduced changes to Named/External Credentials, which requires an additional permission for non-admin users. This change can't be incorporated into the EDQ Non-admin Permission Set, so must be configured manually.

To make use of the External Credentials configured later in this setup process users must have Read permission for the User External Credentials Object Setting.

System Administrators have this permission by default, but any non-admin users who will be interacting with EDQ components will need to have this configured manually. You are free to apply this permission in a way that is appropriate to your own custom Permission Set configuration, but below we have detailed the steps necessary to create a new Permission Set and assign this to non-admin users:

Go to the Setup screen and type Permission Sets in the Quick Find box and select it.
Click the New button to create a new permission set.
Give it the Label EDQ User External Credentials and the API Name will be populated automatically.
Click Save.
Within the Apps section click Object Settings.
Scroll down and click User External Credentials.
Click Edit.
Enable Read permission and click Save.
Click Manage Assignments and add an assignment for all appropriate users.

Previous: Configure global settings

Next: Create a Connected App

Salesforce Sales and Service Cloud Lightning

Application configuration

Next topic:
Adding components to a page
Previous topic:
Prerequisites