Grant access

Last published at: November 29th, 2024

To use the Data Action Platform, your users need access at three different levels:

  • At app level - Overall access to the DAP app.
  • At action level - Access to the different actions. Applies to Trial, Advanced, Premium and PDM.
  • At execution level - Permissions needed to execute different types of actions.
Delete

For safety and ease of configuring, we recommend starting with setting up access to the different actions, and configuring the rest of DAP, and only then hand out overall access to the app. As long as overall app access is not yet granted, a user cannot use actions.

Access to different actions


This applies to Trial, Premium, and PDM licences. If you have a Free or Advanced license, skip this step and proceed to 'Access to the app' below.

By default, all actions are assigned to all profiles, and no specific users. You can grant access to actions for a profile and/or a user. Access given to both profile and user is complementary, except for the process limit: for the process limit the user setting always takes precedence.

To grant users and profiles access to one or more actions:

  1. In your Salesforce Org, go to the App Launcher and open the DAP app.
  2. In the DAP app, go to tab DAP Setup. It might take a while to open the first time.
  3. On the left-hand side, click on Action Library. Here you find all available actions.
  4. To make an action available to only certain users or user profiles, click the Assignment button next to the action.
  5. Next to each user profile, under Enable Action For, indicate whether the action should be available for that profile in list view, as a job, as a scheduled job, and/or for DC Job results (Duplicate Check Job results).
    Delete

    With the Disable All / Enable All option at the top you can disable or enable the action for all profiles in one go, and then enable or disable the action for only a few profiles.

  6. Also decide if users of a certain profile should have a Process Limit, so that they can only process a limited number of records in one go. Note that the process limit of any individual user always takes precedence.
  7. To grant access to specific users, scroll all the way down to Assign "Action" to Users.
  8. At Add User, search for a user or user group. Click on the User icon to switch between users and groups.
  9. Select a user or group. If you select a user group, its users will be added individually.
  10. Next to each user, under Enable Action For, indicate whether the action should be available for that user in list view, as a job, as a scheduled job, and/or for DC Job results (Duplicate Check Job results).
  11. Also decide if users should have a Process Limit, so that they can only process a limited number of records in one go. Note that the process limit of an individual user always takes precedence over their profile process limit.
  12. At the bottom of the page, click Save.
  13. Repeat for other actions if needed.
Delete

Note that just granting access to the different actions via the Action Library is not sufficient; your users need overall access to the DAP app as well to be able to see and use DAP actions.

Access to the app


Delete

It is recommended to first finish configuring DAP, via Configuring DAP, before granting your users access to the app with the steps below.

To grant overall access to the Data Action Platform app itself, you can give user profiles access to the app, or assign the DAP permission set to one or more users. As the DAP permission set is automatically updated with new classes etc, while for profiles you need to add new classes manually, it is recommended to use the DAP permission set.

To let users use the DAP app:

Assign the DAP permission set to users

  • To assign the DAP permission set to a single user:
  1. Go to the Setup.
  2. Find Users and open it.
  3. In the list of users that appears, click on the user you want to assign the permission set to.
  4. In the Permission Set Assignments block, click Edit Assignments.
  5. Under Available Permission Sets, select Data Action Platform for Salesforce and add it to the Enabled Permission Sets column.
  6. Click Save.
  • Alternatively, to assign the DAP permission set to multiple users at once: 
  1. Go to the Setup.
  2. Find Permission Sets and open it.
  3. In the list of permission sets that appears, click on the Data Action Platform for Salesforce permission set.
  4. Click Manage Assignments.
  5. Click Add Assignments.
  6. Select users to add and click Assign.

The DAP permission set by default gives access to all DAP pages, including DAP Setup, DAP Job, etc. To deny your users access to certain DAP pages:

  1. Go to Salesforce Setup > Users > Profiles.
  2. Find the profile you want to edit.
  3. On the profile, go to Object Settings.
  4. Find the DAP tabs you want to hide and edit. 
  5. Under Tab Settings, select Tab Hidden.
  6. Click Save.

Grant access to the app via the App Manager

Alternatively, grant access to DAP via the App Manager.
In this case, remember that profiles need to be updated manually whenever new classes, tabs etc are added to DAP. Newly added classes etc are listed in the Release Notes‍.

  1. Go to the Salesforce Setup.
  2. Find the App Manager and open it. 
  3. In the list of apps that appears, find the Data Action Platform and click Edit
  4. On the left-hand side, click User Profiles
  5. Add profiles that should have access to the Data Access Platform from the Available Profiles column to the Selected Profiles column.

Execution permissions


Thirdly, users should also have sufficient action-specific permissions. For instance, if a user does not have Delete permission for a certain object, they cannot use the Mass Delete action for that object.

Users need the following object permissions to use the different actions:

Action

Object permissions needed

Assign Ownership

Read, Edit 

Plus user permission: Transfer record (Sharing Rules)

Create Tasks n.a.
Find & Replace
Read, Edit
Mass Convert Depends on the action settings, e.g. to create new contacts Create permission is needed

Mass Delete 

Delete 

Mass Update 

Read, Edit 

Set Account Hierarchy Read, Edit;
Full access to the ParentId field