Data Quality user documentation
home/Integrations/Salesforce Sales and Service Cloud Lightning/Application configuration/Experience Cloud permissions

Experience Cloud permissions

This is an optional configuration step and only applies if you intend to use EDQ components on an Experience Cloud website for authenticated external users or with Public Access enabled, which allows guest users to see and interact with the site without logging in.

Below we detail the instructions for setting up permissions for a fictitious Experience Cloud site called Customer Account Portal so references to this will need to be adjusted for your own site name and profile.

Experience Builder settings

If you are setting things up for guest users you must navigate to the General tab of Settings for Experience Builder, enable Public Access and then click the name of the automatically created Guest User Profile in preparation for the next section.

Enabling Public Access

Salesforce Profile settings

The permission configuration will differ depending on the user type you need to configure, as detailed below:

External users must be granted access to the relevant EDQ objects. The most appropriate way to do this will be unique to your particular security configuration. Users can either be assigned to the EDQ Non-admin permission set or these same permissions can be manually applied to an existing profile. Further information on the the permissions required can be found on the assign permissions page.

Having already navigated to the Guest User Profile from the Experience Builder settings:

  1. Click Object Settings.

  2. Edit the following EDQ objects, setting the Object and Field permissions as indicated before clicking Save:

    Object Object Permissions Field Permissions
    EDQ Error Logs Enable Read and Create Enable Read Access for all fields
    EDQ Logs Enable Read and Create Enable Read Access for all fields
    EDQ Profile Settings Enable Read only Enable Read Access for all fields
    EDQ State Settings Enable Read only Enable Read Access for all fields
    EDQ TouchPoints Enable Read only Enable Read Access for all fields

    Here's an example for the EDQ Error Logs object:

    Editing Object Settings for EDQ Error Logs object

  3. Return to the Profile Overview and click Apex Class Access.

  4. Click Edit at the top of the Apex Class Access table.

  5. Select all of the classes beginning with TExperianLEDQ, click Add and then Save.

    Enabling Apex Class Access

  6. Return to the Profile Overview and click Custom Metadata Types.

  7. Click Edit at the top of the Custom Metadata Types table.

  8. Select all of the Custom Metadata Types beginning with TExperianLEDQ, click Add and then Save.

    Enabling Custom Metadata Types

Sharing Settings

The Sharing Settings configuration will differ depending on the user type you need to configure, as detailed below:

  1. Go to Setup, then type in Sharing Settings to the Quick Find box and select it.

  2. Click Edit at the top of the Organization-Wide Defaults table.

  3. For the 5 EDQ objects change the Default External Access selection to Public Read Only and then Save.

    Sharing Settings

  1. Go to Setup, then type in Sharing Settings to the Quick Find box and select it.

  2. Click Edit at the top of the Organization-Wide Defaults table.

  3. For the 5 EDQ objects change the Default External Access selection to Public Read Only and then Save.

    Sharing Settings

  4. Scroll to the bottom of the Sharing Settings page and you will find Sharing Rules for each of the 5 EDQ objects.

  5. For each one click New and configure the rule as follows:

    • Provide a Label of your choosing.
    • The Rule Name will be automatically populated.
    • For Step 2 select the Guest user access, based on criteria option.
    • For Step 3 create a rule that will always pass, such as ID not equal to [any random string], or create a working rule if you wish to restrict access.
    • For Step 4 select the matching Guest User for your Experience Cloud site.
    • Click Save.

    New Sharing Rule

EDQ Profile Settings

  1. Go to App Launcher, then type EDQ Profile Settings in the search box and select it.

  2. Click New.

  3. Select the particular external user Profile or Guest User Profile for your Experience Cloud site in the look up field.

  4. Select Address, Phone and/or Email under Enabled validation.

    EDQ Profile Settings

Allowing access to Flows

These steps will be necessary if your users requires access to a Flow containing EDQ components.

  1. Go to Setup, then type in Flows to the Quick Find box and select it.

  2. Click the down arrow to the very right of your chosen Flow and select Edit Access.

    Edit Flow Access

  3. Click Override default behavior and restrict access to enabled profiles or permission sets and then Save.

  4. Navigate to your particular external user Profile, or to your Guest User Profile which is accessed via Experience Builder Settings.

    Guest User Profile

  5. Click Flow Access.

  6. Click Edit at the top of the Flow Access table.

  7. The flow whose access you just edited will have appeared in the list of Available Flows. Select this, click Add and then Save.

    Flow Access

  8. For Lightning Web Runtime (LWR) sites, return to Experience Builder and click Workspaces, then Administration.

  9. Click Preferences and select Allow guest users to access public APIs before clicking Save.

    Allow guest users to access public APIs

Salesforce Sales and Service Cloud Lightning

Application configuration