ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableRelateContactToMultipleAccounts boolean Indicates whether users can relate a contact to multiple accounts (true) or only one account (false). The default value is false. If this feature (Contacts to Multiple Accounts) is disabled, secondary contact-account relationships created while the feature was enabled are deleted. Available in API version 47.0 and later. Avoid using the Metadata API to enable this feature. Use the Account Settings page in Setup to enable Contacts to Multiple Accounts.
enableAccountOwnerReport boolean Indicates whether Account Owner Report can (true) or can't (false) be run by all users.
enableAccountHistoryTracking boolean Indicates whether history tracking is enabled for accounts (true) or not (false). The default value is false. If history tracking is disabled, the History related list is removed from account page layouts. However, history data is still available for reporting up to the date and time when tracking was disabled. Available in API version 47.0 and later.
enableContactHistoryTracking boolean Indicates whether history tracking is enabled for contacts (true) or not (false). Available in API version 46.0 and later.
showViewHierarchyLink boolean Indicates whether the default View Hierarchy link on all business account detail pages is visible (true) or hidden (false).
enableAccountTeams boolean Indicates whether account teams are enabled (true) or not (false). The Metadata API can't be used to disable account teams.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableDragAndDropScheduling boolean Lets users create events associated with records by dragging a record from a list view onto a calendar view and entering the details of the event in an overlay. Hovering over an event displays an overlay where users can view the event details or delete the event without leaving the page. Admins use a mini page layout to configure the fields shown in the overlays. Admins control this field on the User Interface settings page.
enableGroupTasks boolean Lets users assign independent copies of a new task to multiple users. Admins control this field on the Activity Settings page.
enableRollUpActivToContactsAcct boolean Enables a contact's activities to be rolled up and displayed on the contact's primary account. Default value is true. Available in API versions 47.0 and later.
showCustomLogoMeetingRequests boolean Displays a custom logo in meeting request emails and on a meeting's Web page. Invitees see the logo when a user either invites them to an event or requests a meeting. Admins control this field on the Activity Settings page.
showHomePageHoverLinksForEvents boolean In the calendar section of the Home tab. When a user hovers over the subject of an event, a hover link displays an overlay with selected event details. (Hover links are always available in other calendar views.) When a user clicks the subject of an event, displays the event detail page. Admins use a mini page layout to configure the fields shown in the overlay. Admins control this field on the User Interface settings page.
enableUNSTaskDelegatedToNotifications boolean On the Activity Settings page, exposes a setting for Admins to hide or show a user setting that lets individual users enable or disable email notifications when tasks are assigned to them.
showMyTasksHoverLinks boolean In the My Tasks section of the Home tab and on the calendar day view. When a user hovers over the subject of a task, a hover link displays an overlay with selected task details. When a user clicks the subject of a task, displays the task detail page. Admins use a mini page layout to configure the fields shown in the overlay. Admins control this field on the User Interface settings page.
enableEmailTracking boolean Enables tracking of outbound HTML emails if an organization uses HTML email templates. Admins control this field on the Activity Settings page.
enableActivityReminders boolean Enables popup activity reminders for an organization. Admins control this field on the Activity Settings page.
enableListViewScheduling boolean Extends the functionality of enableDragAndDropScheduling and enableClickCreateEvents to list view calendars. Admins control this field on the User Interface settings page.
enableRecurringEvents boolean Enables creation of events that repeat at specified intervals. Admins control this field on the Activity Settings page.
enableSimpleTaskCreateUI boolean Allows admins to specify whether tapping New Task in Salesforce opens a regular task record edit page or a page that displays key task fields first. Admins control this field on the Activity Settings page.
enableMultidayEvents boolean Enables creation of events that end more than 24 hours after they start. Admins control this field on the Activity Settings page.
enableSidebarCalendarShortcut boolean In the sidebar, displays a shortcut link to a user's last-used calendar view. Admins control this field on the Activity Settings page.
enableUserListViewCalendars boolean Allows users to create and view user list view calendars in Lightning Experience. Available in API versions 47.0 and later
allowUsersToRelateMultipleContactsToTasksAndEvents boolean This field indicates whether Shared Activities is enabled. When the value is true, allows users to relate multiple contacts to a task or event.
autoRelateEventAttendees boolean When users add attendees to events, events are automatically related to up to 50 contacts or one lead. An attendee is matched by their email address to a contact or lead. Admins control this field on the Activity Settings page. Available in API version 42.0 and later.
enableClickCreateEvents boolean Lets users create events in day and weekly calendar views by double-clicking a specific time slot and entering the details of the event in an overlay. Hovering over an event displays an overlay where users can view the event details or delete the event without leaving the page. Admins use a mini page layout to configure the fields shown in the overlays. Does not support recurring events or multi-person events. Admins control this field on the User Interface settings page.
enableRecurringTasks boolean Enables creation of tasks that repeat at specified intervals. Admins control this field on the Activity Settings page.
showEventDetailsMultiUserCalendar boolean Displays event details on-screen rather than in hover text. Admins control this field on the Activity Settings page.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableApexApprovalLockUnlock boolean Indicates whether approval process lock and unlock operations from Apex code are allowed (true) or not (false). The default value is false.
enableCompileOnDeploy boolean Indicates whether Apex code is automatically recompiled (true) or not (false). When set to true, code is recompiled before completing a metadata deployment, change set deployment, package installation, or package upgrade. The default value is true for production orgs and false for others.
enableAuraApexCtrlAuthUserAccessCheckPref boolean Indicates whether the Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile critical update is activated (true) or not (false).
enableGaplessTestAutoNum boolean Indicates whether autonumbering gaps are prevented by Apex test executions not incrementing autonumber fields for non-test records (true) or not (false). The default value is true.
enableMngdCtrlActionAccessPref boolean Indicates whether the Disable Access to Non-global Apex Controller Methods in Managed Packages critical update is activated (true) or not (false).
enableNonCertifiedApexMdCrud boolean Indicates whether Apex classes can access metadata, public or protected, through classes in the Metadata namespace (true) or not (false). The default value is false.
enableApexPropertyGetterPref boolean Indicates whether the Enforce Access Modifiers on Apex Properties in Lightning Component Markup critical update is activated (true) or not (false).
enableApexCtrlImplicitWithSharingPref boolean Indicates whether the Use with sharing for @AuraEnabled Apex Controllers with Implicit Sharing critical update is activated (true) or not (false)
enableDoNotEmailDebugLog boolean Indicates whether Apex debug log details are suppressed in unhandled exception emails (true) or not (false). The default value is false.
enableAggregateCodeCoverageOnly boolean Indicates whether aggregate (not detailed) totals are tracked for Apex test coverage data (true) or not (false). The default value is false.
enableAuraApexCtrlGuestUserAccessCheckPref boolean Indicates whether the Restrict Access to @AuraEnabled Apex Methods for Guest and Portal Users Based on User Profile critical update is activated (true) or not (false).
enableDisableParallelApexTesting boolean Indicates whether Apex tests are serially executed (true) or not (false). The default value is false.
enableSecureNoArgConstructorPref boolean Indicates whether Apex type visibility rules are strictly enforced for the Type.newInstance method (true) or not (false). The default value is false. When enabled, regardless of API version, you can instantiate only Apex classes with a no-arguments constructor that is visible to the code running Type.newInstance. Available in API version 48.0 and later.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
caSigned boolean Required. Indicates whether this certificate is signed by the issuer (true) or not (false).
fullName string Unique identifier for the certificate
expirationDate number The date the certificate expires and is no longer usable.
keySize number The size of the key in bits.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableRichLinkPreviewsInFeed boolean Indicates whether to convert links in posts into embedded videos, images, and article previews (true) or not to convert the links (false). In Setup, enableRichLinkPreviewsInFeed equates to the Chatter setting Allow Rich Link Previews.
unlistedGroupsEnabled boolean Indicates whether to allow the creation of unlisted groups (true) or to prevent their creation (false). When the value is set to true, users can create unlisted groups. Unlisted groups don't appear on the Groups list page. Membership in unlisted groups is by invitation only. In Setup, unlistedGroupsEnabled equates to the Chatter setting Enable Unlisted Groups.
enableFeedEdit boolean Indicates whether qualified users can edit feed posts and comments (true) or not (false). Qualified users include. The author of the post or comment. The person who owns the record that was posted to or commented on. The Chatter or site moderator. In Setup, enableFeedEdit equates to the Chatter setting Allow users to edit posts and comments.
enableFeedsRichText boolean Indicates whether to use the Rich Text Editor in the Chatter Publisher (true) or not (false). The rich text editor supports text formats, inline images, hyperlinks, and, when enabled for the org, code snippets. In Setup, enableFeedsRichText equates to the Chatter setting Allow users to compose rich text posts.
enableOutOfOfficeEnabledPref boolean Indicates whether to add an Out of Office setting to a user profile page (true), or to omit it (false). When the value is set to true, this option adds a control to user profile pages for setting a personal out-of-office message. In Setup, enableOutOfOfficeEnabledPref equates to the Chatter setting Users can set Out of Office message.
enableTodayRecsInFeed boolean Indicates whether to allow the posting of recommendations for using the Salesforce Today app in users' feeds (true) or not (false). When set to true, automatically posts recommendations for using the Salesforce Today app in users' feeds. In Setup, enableTodayRecsInFeed equates to the Chatter setting Allow Today Recommendations.
allowChatterGroupArchiving boolean Indicates whether manual and automatic group archiving are allowed on all Chatter groups (true) or aren't allowed (false).
enableFeedPinning boolean Indicates whether to allow the pinning of posts in a feed (true) or not (false). When set to true. Authorized users can pin posts to the top of the feed. The feed supports up to three pinned posts. Pinned posts stay pinned until they're unpinned. After post pinning is enabled, authorized users include admins and group owners and managers. Admins can also assign post pinning permission through permission sets or user profiles. In Setup, enableFeedPinning equates to the Chatter setting Allow post pinning.
enableInviteCsnUsers boolean Indicates whether a licensed user can invite customers to private groups that the licensed user owns or manages (true) or not (false). When the value is set to true, licensed users can invite customers who are from outside org email domains. Invited customers can see information only in the groups that they're invited to. They can interact only with members of those groups. In Setup, enableInviteCsnUsers equates to the Chatter setting Allow customer invitations.
enableChatter boolean Indicates whether Chatter is enabled for your org (true) or not (false).
enableChatterEmoticons boolean Indicates whether the automatic conversion of text characters, such as :), into a graphic emoticon is allowed in Chatter (true) or isn't allowed (false). In Setup, enableChatter equates to the Chatter setting Allow Emoticons.
enableFeedsDraftPosts boolean Indicates whether draft posts are automatically saved every seven seconds (true) or not (false). When set to true. Adds the My Drafts feed to the Chatter tab. Saves draft posts automatically every seven seconds. Makes drafts available in the My Drafts feed. When the user posts the entry, the draft is automatically removed from the My Drafts feed. In Setup, enableFeedsDraftPosts equates to the Chatter setting Allow draft posts.
allowRecordsInChatterGroup boolean Indicates whether records can be associated with groups (true), or not (false). If groups already have record data, setting this field to false doesn't delete it. In Setup, allowRecordsInChatterGroup equates to the Chatter setting Allow Records in Groups.
enableCaseFeedRelativeTimestamps boolean In Case feeds, indicates whether to use relative (true) or absolute (false) date and time stamp formats on Case feed items. When the value is true, Case feed items show a relative timestamp (for example, 10m ago). When the value is true, users can hover over the relative timestamp to see the absolute. When the value is false, Case feed items show an absolute timestamp (for example, January 7, 2020 at 12:15PM). When you change this setting, all timestamps in Case feeds reflect that change. The default value is true. This field is available in API version 48.0 and later. In Setup, enableCaseFeedRelativeTimestamps equates to the Chatter setting Show relative timestamp
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableGuestRecordReassignOrgPref boolean When true, allows admins to set a default owner for records created by guest users. Available in API version 48.0 and later.
enableInviteChatterGuestEnabled boolean When true, allows guest users to be invited to use Chatter. Available in API version 48.0 and later.
enableNetworksEnabled boolean When true, allows users to enable digital experiences. Available in API version 47.0 and later.
enablePRMAccRelPref boolean When true, enables Account Relationship object and Account Relationship Data Sharing Rule setup options. Available in API version 48.0 and later.
enableCspContactVisibilityPref boolean When true, allows users to see contacts from private accounts that they have read access to, when the contact is controlled by the parent record. Available in API version 48.0 and later.
enableEnablePRM boolean When true, allows admins to enable partner users. Available in API version 48.0 and later.
enableExternalAccHierPref boolean When true, enables the External Account Hierarchy object. Available in API version 48.0 and later.
enableOotbProfExtUserOpsEnable boolean When true, allows use of standard external profiles for self-registration and user creation. Available in API version 48.0 and later.
enableRelaxPartnerAccountFieldPref boolean When true, allows editing for partner account fields on and opportunities and leads. Available in API version 48.0 and later.
enableCspNotesOnAccConPref boolean When true, allows customer users to access notes and attachments associated with accounts and contacts. Available in API version 48.0 and later.
enableNetPortalUserReportOpts boolean When true, allows external users in Experience Cloud sites, with permission, to run reports. Available in API version 48.0 and later.
applyLoginPageTypeToEmbeddedLogin boolean When true, applies the Experience Cloud site login page type (default, Login Discovery, Experience Builder, or Visualforce) to all Embedded Login implementations. When false, applies the username and password login page type to all Embedded Login implementations. For orgs created before the Salesforce Summer '20 release, the default setting is false. For new orgs, the default setting is true. Available in API version 49.0 and later.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
id string id is the unique identifier of the connected app.
attributes object A custom attribute of the connected app. Represents the field names that make up a custom attribute when using SAML with a ConnectedApp. Tailor these values to a specific service provider.
 formula string The value of the attribute.
 key string The attribute's identifier.
description string An optional description for your app.
mobileStartUrl string Users are directed to this URL after they've authenticated when the app is accessed from a mobile device. If you don't give a URL, the user is sent to the app's default start page after authentication completes. If the connected app that you're creating is a canvas app, then you can leave this field blank. The Canvas App URL field contains the URL that gets called for the connected app.
permissionSetName string Specifies the permissions required to perform different functions with the connected app.
plugin string The name of a custom Apex class that extends Auth.ConnectedAppPlugin to customize the behavior of the app.
samlConfig object Specifies how an app uses single sign-on.
 samlNameIdFormat string Indicates the format the service provider (SP) requires for the user's single sign-on identifier.
 samlSubjectType string The single sign-on identifier for the user.
 acsUrl string The assertion consumer service URL from the service provider.
 encryptionCertificate string The name of the certificate to use for encrypting SAML assertions to the service provider. This certificate is saved in the organization's Certificate and Key Management list.
 encryptionType string When Salesforce is the identity provider, the SAML configuration can specify the encryption method used for encrypting SAML assertions to the service provider. The service provider detects the encryption method in the SAML assertion for decryption.
 issuer string A URI that sends the SAML response. A service provider can use this URI to determine which identity provider sent the response.
 samlIdpSLOBinding string The SAML HTTP binding type from the service provider used for single logout.
 samlSigningAlgoType string Indicates the signing algorithm applied to SAML requests and responses when Salesforce is the identity provider.
 samlSloUrl string The SAML single-logout endpoint of the connected app service provider (SP). This endpoint is where SAML LogoutRequests and LogoutResponses are sent when users log out of Salesforce. The SP provides this endpoint.
 samlSubjectCustomAttr string If the samlSubjectType is CustomAttr, include that custom value here; otherwise, leave empty.
 certificate string The PEM-encoded certificate string, if the app uses a certificate.
 entityUrl string The entity ID from your service provider.
startUrl string If the app isn't accessed from a mobile device, users are directed to this URL after they've authenticated.
canvasConfig object The configuration options of the connected app if it's exposed as a canvas app.
 lifecycleClass string The name of the Canvas.CanvasLifecycleHandler Apex class.
 locations string Indicates where the canvas app can appear to the user.
 options string Indicates whether to hide the share button and header in the publisher for your canvas app, and whether the app is a canvas personal app.
 samlInitiationMethod string If you're using SAML single sign-on (SSO), indicates which provider initiates the SSO flow.
 accessMethod string Indicates how the canvas app initiates the OAuth authentication flow.
 canvasUrl string The URL of the third-party app that's exposed as a canvas app.
contactPhone string The phone number for Salesforce to use to contact you.
iconUrl string Reserved for future use.
infoUrl string An optional URL for a web page with more information about your app.
ipRanges list<object> Specifies the ranges of IP addresses that can access the app without requiring the user to authenticate with the connected app.
 description string Use this field to identify the purpose of the range, such as which part of a network corresponds to this range.
 startAddress string The first address in the IP range, inclusive.
 endAddress string The last address in the IP range, inclusive.
pluginExecutionUser string Specifies the user to run the plugin as.
sessionPolicy object Specifies the configuration options for a connected app's session policies. Use these policies to define how long a user's session can last before reauthenticating, to block user access to the connected app, or to require multi-factor authentication (MFA) to access the app.
 policyAction string If the High Assurance session security level is applied to the connected app, specify associated high assurance action.
 sessionLevel string Applies the High Assurance session security level to the connected app. This session level requires users to verify their identity with multi-factor authentication when they log in to the connected app.
 sessionTimeout number The length of time the connected app's session lasts.
contactEmail string Required. The email address Salesforce uses for contacting you or your support team.
oauthConfig object Represents the field names that configure how your connected app communicates with Salesforce.
 isPkceRequired boolean Determines whether the Proof Key for Code Exchange (PKCE) extension is required for variations of the OAuth 2.0 authorization code flow configured for the connected app, including the web server flow and Authorization Code and Credentials Flow. For public client apps that can't keep the consumer secret confidential, such as mobile apps, the PKCE extension helps ensure that the client that initiates an authorization flow is the same client that completes it. For this reason, we always recommend implementing PKCE for public clients. We also strongly recommend that you implement PKCE for private clients. If set to true, the PKCE extension is required and any authorization code flow variations that don't implement it fail. If set to false, you can still implement PKCE but it isn't required. The default value is false. This field is available in API version 59.0 and later.
 singleLogoutUrl string The single logout endpoint. This URL is the endpoint where Salesforce sends a logout request when users log out of Salesforce.
 callbackUrl string The endpoint that Salesforce calls back to your connected app during OAuth; it's the OAuth redirect_uri.
 isClientCredentialEnabled boolean If set to true, the connected app can use the OAuth 2.0 client credentials flow. To use the client credentials flow, you must also specify a user for oauthClientCredentialUser. If set to false (default), the connected app can't use the client credentials flow.
 scopes list<object> A list of scopes associated with the connected app. The scopes refer to permissions given by the user running the connected app.
 scope string The name of the scope.
 consumerSecret string A value that is combined with the consumerKey and used by the consumer for identification to Salesforce.
 isCodeCredentialPostOnly boolean For the Authorization Code and Credentials Flow, determines whether the user's credentials must be sent in the body of the initial HTTPS POST request to the Salesforce authorization endpoint. Requiring the credentials in the POST body instead of in the header improves security. If set to true, the user's credentials must be included in the POST body. The default value is false.
 isNamedUserJwtEnabled boolean If set to true, the connected app is enabled to issue JSON Web Token (JWT)-based access tokens. For installed apps, JWT-based access tokens must also be enabled in your connected app policies. This field is generally available in API version 59.0 and later.
 isConsumerSecretOptional boolean If set to false (default setting), the connected app's client secret is required in exchange for an access token in the OAuth 2.0 web server flow.
 isSecretRequiredForRefreshToken boolean If set to true (default), the app's client secret is required in the authorization request of a refresh token and hybrid refresh token flow. If set to false and an app sends the client secret in the authorization request, Salesforce still validates it.
 certificate string The PEM-encoded certificate string, if the app uses a certificate.
 consumerKey string A value used by the consumer for identification to Salesforce.
 idTokenConfig object Specifies the ID token configuration for the connected app OAuth settings.
 idTokenValidity number The length of time that the ID token is valid for after it's issued. The value can be from 1 to 720 minutes. The default is 2 minutes.
 idTokenAudience string The audiences that this ID token is intended for.
 idTokenIncludeAttributes boolean Indicates whether attributes are included in the ID token.
 idTokenIncludeCustomPerms boolean Indicates whether custom permissions are included in the ID token.
 idTokenIncludeStandardClaims boolean Indicates whether standard claims about the authentication event are included in the ID token.
 isAdminApproved boolean If set to false (default setting), anyone in the org can authorize the app. Users must approve the app the first time they access it. If set to true, only users with the appropriate profile or permission set can access the app. These users don't have to approve the app before they can access it.
 isCodeCredentialEnabled boolean Determines whether the app can use the Authorization Code and Credentials Flow to provide identity services to headless, off-platform apps. The Authorization Code and Credentials Flow is the foundation of headless login, headless registration, headless passwordless login, and headless guest identity. If set to true, the connected app can use the Authorization Code and Credentials Flow and all associated Headless Identity features. The default value is false. This field is available in API version 57.0 and later
 isIntrospectAllTokens boolean If set to true, authorizes the connected app to introspect all access and refresh tokens within the entire org. If set to false (default), the connected app can introspect its own tokens.
 assetTokenConfig object Specifies an OAuth asset token configuration for the connected app OAuth settings.
 assetAudiences string The audience claim associated with the asset token payload. This claim identifies who the JWT is intended for.
 assetIncludeAttributes boolean If set to true (default setting), custom attributes associated with the connected app are included in the asset token payload. If set to false, these attributes aren't included.
 assetIncludeCustomPerms boolean If set to true (default setting), custom permissions associated with the connected app are included in the asset token payload. If set to false, these permissions aren't included.
 assetSigningCertId string The ID of the JWT certificate's signing secret.
 assetValidityPeriod number The asset token's validity period. The validity must be the expiration time of the assertion within 3 minutes, expressed as the epoch number.
label string Required. The name of the app.
logoUrl string An optional logo for the app. The logo appears with the app's entry in the list of apps and on the consent page the user sees when authenticating. The URL must use HTTPS, and the logo can't be larger than 125 pixels high or 200 pixels wide. The default logo is a cloud.
oauthPolicy object Specifies Oauth access policies associated with your connected app.
 ipRelaxation string Specifies whether a user's access to the connected app is restricted by IP ranges.
 refreshTokenPolicy string Specifies how long a refresh token is valid for.
 singleLogoutUri string If single logout is enabled, specify the single logout URL.
profileName string Specifies the profile (base-level user permissions) required to perform different functions with the connected app.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
appID string The unique identifier of Connected Application
riskLevel string The risk level associated with the Connected Application.
permissions list<string> The permissions associated with the Connected Application.
connectedAppName string Name of the Connected Application.
riskScore number The risk score associated with the Connected Application.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableAdminApprovedAppsOnly boolean If false (default), any connected app can call the Salesforce API. If true, only apps that have been approved or installed by the admin can call the Salesforce API. To access this field, you must contact Salesforce Customer Support to enable API Access Control.
enableAdminApprovedAppsOnlyForExternalUser boolean If false (default), authenticated customers or partners can use any unblocked connected app to access the Salesforce API. If true, authenticated customers and partners can't access the Salesforce API unless they use a connected app that is installed in the org and unblocked. Install and unblock connected apps on the Connected Apps OAuth Usage page. To access this field, you must contact Salesforce Customer Support to enable API Access Control.
enableSkipUserProvisioningWizardWelcomePage boolean If false (default), the User Provisioning Wizard Welcome page shows up when you access the wizard. To skip the welcome page in the future, you can select Do not show me this next time. If true, the Welcome page doesn't show up the next time that you access the wizard.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
CreatedById string User The unique identifier (id) for the User who created the Connected Application.
Name string The unique name for this object.
PinLength number For mobile apps, this field is the PIN length requirement for users of the connected app. Valid values are 4, 5, 6, 7, or 8.
Id string The unique identifier of Connected Application
LastModifiedById string User The unique identifier (id) for the User who modified the Connected Application recently.
CreatedDate number The time when the Connected Application was created
SystemModstamp number The time when the Connected Application was last modified by a user or an automated process (such as a trigger)
OptionsAllowAdminApprovedUsersOnly boolean Indicates whether access is limited to users granted approval to use the connected app by an administrator. Manage profiles for the app by editing each profile's Access list.
OptionsRefreshTokenValidityMetric boolean Specifies whether the refresh token validity is based on duration or inactivity. If true, the token validity is measured based on the last use of the token; otherwise, it is based on the token duration.
RefreshTokenValidityPeriod number The duration of an authorization token until it expires in hours, months, or days as set in the connected app management page.
MobileStartUrl string Users are directed to this URL after they've authenticated when the app is accessed from a mobile device.
OptionsHasSessionLevelPolicy boolean Specifies whether the connected app requires a High Assurance level session.
LastModifiedDate number The time when the Connected Application was last modified by a user
MobileSessionTimeout string Length of time after which the system logs out inactive mobile users
StartUrl string If the app is not accessed from a mobile device, users are directed to this URL after they've authenticated.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
canAccessMicrophone boolean Indicates whether this CspTrustedSite can access the user microphone (true) or not (false). The default value is false. This field takes effect only when the enablePermissionsPolicy field equals true and the grantMicrophoneAccess field equals TrustedUrls in the SecuritySettings metadata API type.
context string Declares the scope of the CSP directives for this trusted URL. All-Apply the CSP directives to all supported context types. Communities-Apply the CSP directives to Experience Builder sites only. FieldServiceMobileExtension-Apply the CSP directives to the Field Service Mobile Extensions only. LEX-Apply the CSP directives to Lightning Experience pages only. VisualForce-Apply the CSP directives to custom Visualforce pages only.
isActive boolean Indicates whether this CspTrustedSite is active (true) or not (false). The default value is true.
isApplicableToStyleSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load style sheets from this trusted URL (true) or not (false). This field has a default value of false.
id string The unique id of this trusted URL.
canAccessCamera boolean Indicates whether this CspTrustedSite can access the user camera (true) or not (false). The default value is false. This field takes effect only when the enablePermissionsPolicy field equals true and the grantCameraAccess field equals TrustedUrls in the SecuritySettings metadata API type.
isApplicableToMediaSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load audio and video from this trusted URL (true) or not (false). This field has a default value of false.
description string The description of this trusted URL.
endpointUrl string The URL for this CspTrustedSite. This field must include a domain name and can include a port.
isApplicableToConnectSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load URLs using script interfaces from this trusted URL (true) or not (false). This field has a default value of false.
isApplicableToFontSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load fonts from this trusted URL (true) or not (false). This field has a default value of false.
isApplicableToFrameSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load resources contained in iframe elements from this trusted URL (true) or not (false). This field has a default value of false.
isApplicableToImgSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load images from this trusted URL (true) or not (false). This field has a default value of false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
label string Required. The delegated group's non-API name.
roles list<string> The roles and subordinates for which delegated administrators of the group can create and edit users.
loginAccess boolean Required. Allows users in this group to log in as users in the role hierarchy that they administer (true) or not (false). Depending on your organization settings, individual users must grant login access to allow their administrators to log in as them.
permissionSets list<string> The permission sets assignable to users in specified roles and all subordinate roles by delegated administrators.
profiles list<string> The profiles assignable to users by delegated administrators.
id string Unique identifier for the DelegateGroup
fullName string Name of the DelegateGroup
customObjects list<string> The custom objects associated with the group. Delegated administrators can customize nearly every aspect of each of those custom objects, including creating a custom tab. However, they cannot create or modify relationships on the objects or set organization-wide sharing defaults. Delegated administrators must have access to custom objects to access the merge fields on those objects from formulas.
groups list<string> The groups with users assigned by delegated administrators.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
CreatedDate number The time when the DelegateGroupMember was created.
UserOrGroupId string User The reference indicating the user id of the delegated administrator for the delegate group currently. Group is reserved for future development by Salesforce.
Id string The unique identifier of DelegateGroupMember.
DelegateGroupId string DelegateGroup The id of the associated delegate group.
SystemModstamp number The time when the DelegateGroupMember was last modified by a user or an automated process (such as a trigger).
CreatedById string User The unique identifier (id) for the User who assigned the user to DelegateGroup.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableEmailSpfCompliance boolean Indicates whether outgoing emails comply with Sender Policy Framework (SPF) email authentication (true) or not (false). This field has a default value of true.
enableComplianceBcc boolean Indicates whether a copy of each outbound email message is sent to an email address you specify (true) or not (false). This field has a default value of false.
enableHtmlEmail boolean Indicates whether users receive Email-To-Case emails in HTML format (true) or receive a text version instead (false). This field has a default value of false. When this field is set to true, users receive a warning message about potential malicious HTML before they view incoming HTML email content.
enableRestrictTlsToDomains boolean Indicates whether the selected Transport Layer Security (TLS) setting applies only to specific domains (true) or applies to all domains (false). This field has a default value of false.
enableEmailSenderIdCompliance boolean Indicates whether outgoing emails comply with Sender ID email protocols (true) or not (false). This field has a default value of false. To enable this preference, enableEmailSpfCompliance must be set to true.
enableEmailToSalesforce boolean Indicates whether Email to Salesforce is enabled (true) or disabled (false). This field has a default value of false.
enableEmailWorkflowApproval boolean Indicates whether users can respond to email approval requests directly from their email (true) or not (false). This field has a default value of false.
enableEnhancedEmailEnabled boolean Indicates whether Enhanced Email is enabled (true) or not (false). Default value is true.
enableResendBouncedEmails boolean Indicates whether the system forwards a copy of each bounced email message to the sender (true) or only displays the bounce alert (false). This field has a default value of false. To enable this preference, enableHandleBouncedEmails must be set to true.
enableSendViaExchangePref boolean Indicates whether users can use Office 365 to send emails (true) or not (false). Default value is false.
enableEmailConsentManagement boolean Indicates whether Enforce Email Privacy Settings is enabled (true) or not (false). When enabled, Salesforce respects each recipient's email privacy preferences. Default value is false.
enableHandleBouncedEmails boolean Indicates whether emails sent from Salesforce to an invalid email address bounce back to Salesforce (true) or not (false) . This field has a default value of true. With bounce handling enabled, reps know which lead, contact, or person account has a bad email address, and they know which specific email wasn't delivered.
enableInternationalEmailAddresses boolean Indicates whether non-Latin-based characters are allowed in email addresses (true) or not (false) when sending emails to and from Salesforce. This field has a default value of true in orgs created in Summer '20 or later. In orgs created in Spring '20 or earlier, the default value is false. Available in API version 49.0 and later.
enableSendViaGmailPref boolean Indicates whether users can use Gmail to send emails (true) or not (false). Default value is false.
enableUseOrgFootersForExtTrans boolean Indicates whether emails sent through external email services (such as Gmail or Office 365) include the Salesforce footer (true) or not (false). This field has a default value of false.
sendMassEmailNotification boolean Indicates whether users receive an auto-generated status email from Salesforce for each mass email they send (true) or not (false). This field has a default value of true.
enableListEmailLogActivities boolean Indicates whether Salesforce logs sent list emails as activities (true) or not (false). Default value is true.
sendTextOnlySystemEmails boolean Indicates whether all system emails are sent via text only (true) or allow other formats (false). This field has a default value of false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
Host string Indicates the host name or IP address of your company's SMTP server
IsRequireAuth boolean Indicates whether (true) or not (false) authentication is required. When setting this field to true, the TlsSetting must be set to RequiredVerify.
TlsSetting string Specifies whether Salesforce uses TLS for SMTP sessions. Possible values include: Off, Preferred, Required, PreferredVerify, RequiredVerify.
Username string Specifies the username for relay host STMP authentication. When IsRequireAuth is set to true, this field is required.
AuthType string Specifies which SASL mechanism Salesforce uses for SMTP authentication. This field is available when Enable SMTP Auth is selected. Possible values include: PLAIN, LOGIN.
Port string Indicates the port number of your company's SMTP server. Possible values include: 25, 587, 10025, 11025.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
canOptOutOfDerivationWithBYOK boolean Indicates that users can opt out of key derivation processes on a key-by-key basis when they upload key material (true) or can't (false). The default value is false.
enableCacheOnlyKeys boolean Indicates whether the Cache-Only Key Service is available (true) or not (false). The default value is false. If set to true, users can configure a cache-only key callout connection and apply key material stored outside of Salesforce to data on demand.
enableReplayDetection boolean Indicates whether cache-only key callouts are protected from replay attacks by a nonce (true) or not (false). Requires enableCacheOnlyKeys='true' before setting enableReplayDetection to true.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableLoginForensics boolean Enables (true) or disables (false) the Login Forensics feature. Login Forensics helps you track and audit your org's user login activity. Default value is false. Available in API versions 47.0-49.0.
enableStreamingApi boolean Enables (true) or disables (false) Streaming API in the org. Default value is true.
enableDeleteMonitoringData boolean Allows (true) or disallows (false) users to delete event log files and LoginEvent data. Users require the Delete Event Monitoring Records user permission, which is available when this setting is enabled. Default value is false.
enableTransactionSecurityPolicies boolean Enables (true) or disables (false) the ability to create and use transaction security policies in the Salesforce UI. Default value is false.
enableDynamicStreamingChannel boolean Enables (true) or disables (false) the dynamic creation of a streaming channel when you subscribe to generic streaming. Default value is false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
dispositions object Represents the metadata used to manage file type behavior.
 behavior string File download behavior
 filetype string The file type that this disposition applies to
 securityRiskFiletype boolean Indicates file types that cannot have behavior set to EXECUTE, due to security risks.
noHtmlUploadAsAttachment boolean Indicates whether to allow HTML uploads as attachments or document records.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
DeveloperName string The name of the object in the API. This name is unique by group type and corresponds to Group Name in the user interface.
LastModifiedDate number The time when the Group was last modified by a user
DoesSendEmailToMembers string Indicates whether the email is sent (true) or not sent (false) to the group members. The email is sent to queue members as well.
Id string The unique identifier of Group.
LastModifiedById string User The unique identifier (id) for the User who modified the Group.
OwnerId string ID of the user who owns the group.
Type string Required. Type of the group. One of the following values: ["AllCustomerPortal", "ChannelProgramGroup", "CollaborationGroup", "Manager", "ManagerAndSubordinatesInternal", "Organization","Participant","PRMOrganization","Queue","Regular","Role","RoleAndSubordinates","RoleAndSubordinatesInternal","Territory","TerritoryAndSubordinates"]
DoesIncludeBosses string Indicates whether the managers have access (true) or do not have access (false) to records shared with members of the group.
Email boolean Email address for a group of type Case. Applies only for a case queue.
RelatedId string Represents the ID of the associated groups. For groups of type "Role" the ID of the associated UserRole. The RelatedId field is polymorphic.
CreatedById string User The unique identifier (id) for the User who created the Group.
CreatedDate number The time when the Group was created.
Name string Required. Name of the group. Corresponds to Label on the user interface.
SystemModstamp number The time when the Group was last modified by a user or an automated process (such as a trigger).
ATTRIBUTE TYPE REFERS TO DESCRIPTION
UserOrGroupId string User Group ID of the User or Group that is a direct member of the group.
SystemModstamp number The time when the GroupMember was created.
MemberType string Custom field added by SPM product to identify Type of member.
Id string The unique identifier of GroupMember.
GroupId string Group ID of the Group.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableAuraCDNPref boolean Indicates whether Lightning Experience and other apps use a content delivery network (CDN) to serve the static content for Lightning Component framework.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableS1EncryptedStoragePref2 boolean Indicates whether the Salesforce mobile web uses secure and persistent browser caching to improve performance (true) or not (false).
ATTRIBUTE TYPE REFERS TO DESCRIPTION
canOnlyLoginWithMyDomainUrl boolean If true, users must use the org's My Domain login URL to log in. If false (default), users can also log in using the org's instance Salesforce URL, https://InstanceName.salesforce.com, and through the login URL https://login.salesforce.com.
doesApiLoginRequireOrgDomain boolean If true, users must use the org's My Domain login URL to access the Salesforce API. If false (default), users can also access the Salesforce API using the generic Salesforce page, https://InstanceName.salesforce.com and through the login URL https://login.salesforce.com.
enableNativeBrowserForAuthOnAndroid boolean If true, use the native browser for authentication of Android mobile apps. Default is false.
enableNativeBrowserForAuthOnIos boolean If true, use the native browser for authentication of iOS mobile apps. Default is false.
useStabilizedMyDomainHostnames boolean Indicates whether the instance name is hidden in My Domain URLs for Visualforce, Experience Builder, Site.com Studio, and content files (true) or not (false). This field has a default value of true. For example, MyDomainName--PackageName.na44.visual.force.com becomes MyDomainName--PackageName.visualforce.com when this field is set to true.
useStabilizedSandboxMyDomainHostnames boolean This field corresponds to the Stabilize the Hostname for My Domain URLs in Sandboxes release update, which was enforced in Summer '20. When true, the instance name is hidden in My Domain URLs for sandboxes orgs. For example, MyDomainName--test.cs5.my.salesforce.com became MyDomainName--test.my.salesforce.com. As of API version 49.0, this field's value is always true, regardless of the value that you set. Changing its value has no effect on Salesforce, even if it reads false. This change applies retroactively back to API version 47.0, when this field was first introduced. Previously, in API version 47.0 to 49.0, this field indicated whether the instance name was hidden in My Domain URLs for sandboxes orgs (true) or not (false), and the field's default value was false. Now, in all API versions, this field's value is always true, even if it reads false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
CreatedDate number The time when the OauthToken was created
AccessToken string The refresh token for authorization.
AppName string The label for the connected app that's associated with this OAuth token.
Id string Reserved for future use. Currently, the value is always null.
RequestToken string The authorization code that was used to request the corresponding AccessToken. With this authorization code, you can revoke the corresponding AccessToken by passing the DeleteToken.
UseCount number How often the token has been used.
AppMenuItemId string The unique ID for the App Picker menu item that's associated with this OAuth token.
LastUsedDate number The most recent date when the OAuth token was used.
UserId string User The owner of the token.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
CreatedDate number The time when the ObjectPermission was created for Parent PermissionSet.
Id string The unique identifier of ObjectPermission.
LastModifiedById string User The unique identifier (id) for the User who modified the ObjectPermission associated with PermissionSet.
ParentId string PermissionSet The Id of this object's parent PermissionSet.
PermissionsCreate boolean If true, users assigned to the parent PermissionSet can create records for this object. Requires PermissionsRead for the same object to be true.
PermissionsDelete boolean If true, users assigned to the parent PermissionSet can delete records for this object. Requires PermissionsRead and PermissionsEdit for the same object to be true.
PermissionsViewAllRecords boolean If true, users assigned to the parent PermissionSet can view all records for this object, regardless of sharing settings. Requires PermissionsRead for the same object to be true.
CreatedById string User The unique identifier (id) for the User who created the ObjectPermission.
PermissionsModifyAllRecords boolean If true, users assigned to the parent PermissionSet can edit all records for this object, regardless of sharing settings. Requires PermissionsRead, PermissionsDelete, PermissionsEdit, and PermissionsViewAllRecords for the same object to be true.
SobjectType string The object's API name.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
LastModifiedDate number The time when the User was last modified by a user
PermissionsEdit boolean If true, users assigned to the parent PermissionSet can edit records for this object. Requires PermissionsRead for the same object to be true.
PermissionsRead boolean If true, users assigned to the parent PermissionSet can view records for this object.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
expiration string The length of time until a user password expires and must be changed. Valid values are Never, ThirtyDays, SixtyDays, NinetyDays, SixMonths, OneYear
historyRestriction number The number of previous passwords saved for users so that they must always reset a new, unique password. Valid values are 0 through 24 passwords remembered. The maximum value of 24 applies to API version 31.0 and later. In earlier versions, the maximum value is 16.
lockoutInterval string The duration of the login lockout. Valid values are FifteenMinutes (this value is the default value), ThirtyMinutes, SixtyMinutes, Forever (must be reset by admin)
maxLoginAttempts string The number of login failures allowed for a user before the user is locked out. Valid values are NoLimit, ThreeAttempts, FiveAttempts, TenAttempts. This value is the default value.
minimumPasswordLifetime boolean If enabled (true), passwords can't be changed more than one time during a 24-hour period.
questionRestriction string The restriction on whether the answer to the password hint question can contain the password itself. Valid values are None, DoesNotContainPassword
complexity string The types of characters that must be used in a user's password. Valid values are NoRestriction, AlphaNumeric, SpecialCharacters, UpperLowerCaseNumeric, UpperLowerCaseNumericSpecialCharacters, Any3UpperLowerCaseNumericSpecialCharacters
minimumPasswordLength number The minimum number of characters required for a password. The number can contain from 5 to 50 characters (default is 8). Available in API version 35.0 and later. Before API version 35.0, specify minimum password length with the enumeration minPasswordLength, with valid values FiveCharacters, EightCharacters (default), TenCharacters, TwelveCharacters (API version 31.0 and later), and FifteenCharacters (API version 34.0 and later).
obscureSecretAnswer boolean If enabled (true), hide answers to security questions as the user types.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
IsOwnedByProfile boolean If true, the permission set is owned by a profile. Available in API version 25.0 and later.
LastModifiedById string User The unique identifier (id) for the User who modified the PermissionSet.
Name string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Corresponds to API Name in the user interface. Limit: 80 characters.
Permissions list<object> One field for each permission. The number of fields varies depending on the permissions for the organization and license type.
 PermissionName string The name of the Permission.
 isEnabled boolean If true, users assigned to this permission set have the named permission.
Type string Permission Set Type.
Id string The unique identifier of PermissionSet.
Label string The permission set label, which corresponds to Label in the user interface. Limit: 80 characters.
LastModifiedDate number The time when the User was last modified by a user
LicenseId string The ID of either the related PermissionSetLicense or UserLicense associated with this permission set.
ProfileId string Profile If the permission set is owned by a profile, this field returns the ID of the Profile. If the permission set isn't owned by a profile, this field returns a null value.
Description string A description of the permission set. Limit: 255 characters.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
HasActivationRequired boolean Indicates whether the permission set requires an associated active session (true) or not (false).
CreatedDate number The time when the PermissionSet.
IsCustom boolean If true, the permission set is custom (created by an admin); if false, the permission set is standard and related to a specific permission set license.
NamespacePrefix string The namespace prefix for a permission set that's been installed as part of a managed package. If the permission set isn't packaged or is part of an unmanaged package, this value is empty.
PermissionSetGroupId string If the permission set is owned by a permission set group, this field returns the ID of the permission set group. If the permission set isn't owned by a permission set group, this field returns a null value.
CreatedById string User The unique identifier (id) for the User who created the PermissionSet.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
PermissionSetGroupId string If the permission set is owned by a permission set group, this field returns the ID of the permission set group. If the permission set isn't owned by a permission set group, this field returns a null value.
PermissionSetId string PermissionSet Unique Identifier of PermissionSet
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
AssigneeId string User ID of the User to assign the permission set specified in PermissionSetId.
ExpirationDate number The date that the assignment of the permission set expires for the specified user.
Id string The unique identifier of PermissionSetAssignment.
IsActive boolean Indicates whether the permission set assignment is active (true) or not (false). Defaults to false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
canEncryptManagedPackageFields boolean Indicates whether users can enable encryption on custom fields in installed managed packages (true) or not (false).
enableDeterministEncryption boolean Indicates whether customers apply the deterministic encryption scheme to supported fields (true) or not (false). The deterministic encryption scheme lets customers filter on encrypted data.
enableEventBusEncryption boolean Indicates whether events are encrypted at rest in the event bus (true) or not (false). The events include change data capture events and platform events. The default value is false. If false, events aren't encrypted and are stored in clear text in the event bus.
enableEncryptFieldHistory boolean Indicates whether the background encryption process applies the customer's active key material to field history and feed tracking values (true) or not (false). The default value is false. If false, background encryption processes apply active key material to all encrypted data except duplicates of that data stored in field history or feed tracking.
isMEKForEncryptionRequired boolean Indicates whether encryption policy tasks, such as enabling encryption on fields, also require the Manage Encryption Keys permission (true) or not (false), in addition to those tasks' baseline permissions.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
UserLicenseId string ID of the UserLicense associated with this profile..
CreatedDate number The time when the Profile was created.
Id string The unique identifier of Profile.
LastReferencedDate number The timestamp for when the current user last viewed a record related to this profile.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
UserType string The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles.
CreatedById string User The unique identifier (id) for the User who created the Profile.
Description string A description of the Profile.
LastModifiedDate number The time when the Profile was last modified by a user
Name string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Corresponds to API Name in the user interface. Limit: 80 characters.
LastModifiedById string User The unique identifier (id) for the User who modified the Profile.
LastViewedDate number The timestamp for when the current user last viewed this profile.
Permissions list<object> One field for each permission. The number of fields varies depending on the permissions for the organization and license type.
 isEnabled boolean If true, users assigned to this permission set have the named permission.
 PermissionName string The name of the Permission.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
RealTimeEvents list<object> A list of Real-Time Event entities
 entityName string The name of the storage or streaming entity to be modified. For example, ApiEvent or ApiEventStream.
 isEnabled boolean Indicates whether to enable storage or streaming capability.
StreamingApiConcurrentClients object The number of Concurrent CometD clients (subscribers) across all channels and for all event types
 Max number The maximum number of Concurrent CometD clients (subscribers) across all channels and for all event types
 Remaining number The remaining number of Concurrent CometD clients (subscribers) across all channels and for all event types that can subscribe
ATTRIBUTE TYPE REFERS TO DESCRIPTION
fullName string The name can only contain characters, letters, and the underscore (_) character, must start with a letter, and cannot end with an underscore or contain two consecutive underscore characters.
isActive boolean Indicates if the remote site setting is active (true) or not (false).
url string The URL for the remote site.
description string The description explaining what this remote site setting is used for.
disableProtocolSecurity boolean Indicates whether code within Salesforce can access the remote site regardless of whether the user's connection is over HTTP or HTTPS (true) or not (false). When true, code within Salesforce can pass data from an HTTPS session to an HTTP session, and vice versa.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableAdvancedCMTSecurity boolean Indicates whether custom metadata type values are available only to Apex, flow, and formula operations (true) or exposed in other contexts such as through the Enterprise WSDL or SOAP API (false). This field has a default value of false.
enableAdvancedCSSecurity boolean Indicates whether custom settings type values are available only to Apex, flow, and formula operations (true) or exposed in other contexts such as through the Enterprise WSDL or SOAP API (false). This field has a default value of false.
enableListCustomSettingCreation boolean Indicates whether you can create custom settings when using application-level data definitions (true) or not (false). This field has a default value of false.
enableSOSLOnCustomSettings boolean Indicates whether custom settings values are returned in Salesforce Object Search language (SOSL) queries (true) or not (false). This field has a default value of false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableCrossOrgRedirects boolean Indicates whether redirections to other Salesforce orgs are allowed (true) or blocked (false). In orgs that got Winter '24 before October 2023, the default value is false. In all other orgs, the default value is true. This setting applies to user redirections via a direct link, a post-action URL, or a post-login URL in Salesforce. An example of a direct link is <a href='https://www.example.com'>example.com</a>. Post-action URLs and post-login URLs use a protected URL redirect parameter, such as retURL, startURL, saveURL, cancelURL, and targetURL. Subsequent redirections can't be verified because they occur outside Salesforce. When this field is set to true, no warning is displayed to the user upon redirection to another Salesforce org. For better security, add the URLs for the Salesforce orgs that you own to RedirectWhitelistUrl and set this field to true.
enableAdminLoginAsAnyUser boolean If true, the "Administrator Can Log in as Any User" field is enabled
enableCoopHeader boolean Indicates whether the Cross-Origin Opener Policy (COOP) response header is applied to this org's custom Visualforce pages (true) or not (false). If true, each custom Visualforce page opens in a new browsing context group. The default value is false.
enforceUserDeviceRevoked boolean If enabled, and a UserDevice's status is set to revoked, that device can't log in from a Salesforce app. Logins from browsers aren't affected. This field is available in API version 50.0 and later.
enableAuraSecureEvalPref boolean If true, this setting prevents the creation of function expressions in dynamically created Aura components. The default is false. This field is available in API version 47.0 and later.
enableCoepHeader boolean Indicates whether the Cross-Origin Embedder Policy (COEP) response header is applied to this org's custom Visualforce pages (true) or not (false). If true, externally sourced embedded content loads only when the external origin allows it via CORS or CORP. The default value is false.
enablePermissionsPolicy boolean Indicates whether the pages that Salesforce serves for this org include the Permissions-Policy HTTP header. This HTTP header controls access to browser features such as cameras and microphones. When this field is false, access to the browser features is always permitted. The default value is false
sendCspForUncommonClients boolean In rare cases, Salesforce can't identify whether the requesting app or specialized browser supports the Content-Security-Policy: frame-ancestors HTTP header directive. In those cases, this field indicates whether that directive is included in (true) or omitted from (false) the HTTP response header for pages that Salesforce serves for this org. The default value is false. When sendCspForUncommonClients is true, users who access Salesforce via an app or browser that doesn't support the Content-Security-Policy: frame-ancestors HTTP header directive can experience errors if that lack of support is unclear.
canUsersGrantLoginAccess boolean If true, users can grant login access to Support. If false, only an admin can grant login access.
enableAuditFieldsInactiveOwner boolean If true, this setting enables audit fields and updating the owner for records that are owned by inactive users. The default value is false. This field is available in API version 47.0 and later.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableCSPOnEmail boolean Indicates whether a content security policy is enabled for the email template. A content security policy helps prevent cross-site scripting attacks by listing allowed sources of images and other content.
enableCSRFOnGet boolean Indicates whether Cross-Site Request Forgery (CSRF) protection on GET requests on non-setup pages is enabled (true) or disabled (false).
enableClickjackNonsetupUser boolean Indicates whether clickjack protection for customer Visualforce pages with standard headers turned on is enabled (true) or disabled (false).
enableClickjackSetup boolean Indicates whether clickjack protection for setup pages is enabled (true) or disabled (false).
enableContentSniffingProtection boolean Indicates if the browser is prevented from inferring the MIME type from the document content and from executing malicious files (JavaScript, Stylesheet) as dynamic content. This field is available in API version 39.0 and later.
enableOauthCorsPolicy boolean If set to true, enables Cross-Origin Resource Sharing (CORS) for these OAuth endpoints: /services/oauth2/token /services/oauth2/revoke /services/oauth2/introspect Default setting is false. Available in API version 50.0 and later.
sidToken3rdPartyAuraApp boolean If true, a Lightning app replaces the authentication cookie with a session token when the Lightning app is in a third-party context, such as Lightning Out. Browsers are restricting the use of third-party cookies. This org setting is an alternative for the authentication cookie to requiring that users disable browser settings, such as Safari's Prevent cross-site tracking setting
allowUserAuthenticationByCertificate boolean If enabled (true), users can authenticate with a PEM-encoded X.509 digital certificate. Not enabled by default. Available in API version 47.0 and later.
enableCSRFOnPost boolean Indicates whether Cross-Site Request Forgery (CSRF) protection on POST requests on non-setup pages is enabled (true) or disabled (false).
lockerServiceCSP boolean If true, a stricter Content Security Policy is enabled to disallow the unsafe-inline source for the script-src CSP directive. Script tags can't be used to load JavaScript, and event handlers can't use inline JavaScript. Lightning Locker and Lightning Web Security depend on this setting to be enabled to protect Lightning components.
forceLogoutOnSessionTimeout boolean If enabled (true), the default, when sessions time out for inactive users, current sessions become invalid. The browser refreshes and returns to the login page. To access the organization, the user must log in again.
lockSessionsToDomain boolean Indicates whether the current UI session for a user is associated with a specific domain. This check helps prevent unauthorized use of the session ID in another domain. The value is true by default for orgs created with the Spring '15 release or later. Available in API version 33.0 and later.
allowUserCertBasedAuthenticationWithOcspValidation boolean If enabled (true), authentication certificates are validated using the Online Certificate Status Protocol (OCSP) or a Certificate Revocation List (CRL).
canConfirmIdentityBySmsOnly boolean Prevents identity verification by email for users who have registered other verification methods, such as SMS or Salesforce Authenticator. If no other verification methods are configured, users are verified by email. By default, this setting is disabled (false) for existing orgs. For new orgs, this setting is enabled (true) by default. Available in API version 48.0 and later.
enableClickjackNonsetupSFDC boolean Indicates whether clickjack protection for non-setup Salesforce pages is enabled (true) or disabled (false).
enableClickjackNonsetupUserHeaderless boolean Indicates whether clickjack protection for customer Visualforce pages with standard headers turned off is enabled (true) or disabled (false).
hasRetainedLoginHints boolean If you enable 'Remember me until logout' (true), usernames (login hints) are cached until the user logs out. If a session times out, usernames appear on the Switcher as inactive. If false (default), usernames aren't cached for SSO sessions.
identityConfirmationOnTwoFactorRegistrationEnabled boolean Indicates if users are required to confirm their identities when adding a verification method such as Salesforce Authenticator for multi-factor authentication (MFA), instead of requiring a re-login. (Multi-factor authentication was formerly called two-factor authentication.) This field is available in API version 40.0 and later.
referrerPolicy boolean Indicates whether the referer header hides sensitive information that could be present in the full URL. If true, then the referer header displays only salesforce.com. If false, then the header displays the entire URL. For a Visualforce user, if referrerPolicy is set to true, then the referer header displays only force.com. If false, then the header displays the entire URL. Available in API version 42.0 and later.
requireHttpOnly boolean Sets the HttpOnly attribute on session cookies, making them inaccessible via JavaScript. If true, session ID cookie access is restricted.
enableBuiltInAuthenticator boolean Indicates whether users can verify their identity with a built-in authenticator that's already on their device (true), such as Touch ID or Windows Hello, or not (false). The default value is false
enableCacheAndAutocomplete boolean Indicates whether the user's browser is allowed to store usernames and auto-fill the User Name field on the login page (true) or not (false).
hasUserSwitching boolean If 'Enable user switching' is true (default), users can log in to other orgs by selecting their profile picture and using the Switcher. You must also enable the 'Enable caching and autocomplete on login page' setting. If false, the Switcher isn't enabled and your org doesn't appear in Switchers on other orgs.
forceRelogin boolean If true, an admin who is logged in as another user must log in again to their original session, after logging out as the secondary user. If false, the admin isn't required to log in again.
redirectionWarning boolean Indicates whether users see an alert when they click a link in a web tab that redirects them outside the saleforce.com domain. Available in API version 42.0 and later.
enableMFADirectUILoginOptIn boolean Requires all users in your Salesforce org to provide an additional verification method when logging in directly to the UI with their username and password. Users who are already enabled via the Multi-Factor Authentication for User Interface Logins user permission experience no change. The Waive Multi-Factor Authentication for Exempt Users user permission overrides this setting.
enforceIpRangesEveryRequest boolean If true, the IP addresses in Login IP Ranges are enforced when a user accesses Salesforce (on every page request), including access from a client app. If false, the IP addresses in Login IP Ranges are enforced only when a user logs in. This field affects all user profiles that have login IP restrictions. Available in API version 34.0 and later.
lockerServiceNextControl boolean Reserved for internal use
disableTimeoutWarning boolean Indicates whether the session timeout warning popup is disabled (true) or enabled (false).
enableSMSIdentity boolean If enabled (true), the default, users can receive a one-time password in a text message (SMS) to verify their identity. Users must verify their mobile phone number before they can receive SMS messages.
enableU2F boolean If enabled (true), users can use a physical U2F-compatible security key for multi-factor authentication (MFA) and identity verification. The default is false. Available in API version 47.0 and later.
lockerServiceNext boolean If true, Lightning Web Security is used instead of Lightning Locker to protect Lightning web components. Lightning Locker continues to protect Aura components. If false, Lightning Locker protects Lightning web components and Aura components.
useLocalStorageForLogoutUrl boolean Redirects all expired tabs in your browser to your custom logout URL (true). By default, this option is enabled for all new orgs and is available in API version 52.0 and later. For orgs created prior to the Summer '21 release, the default setting is false.
canConfirmEmailChangeInLightningCommunities boolean When users change their email address, they receive an email at the new address with a link. After they click the link, their new email address takes effect.
enablePostForSessions boolean Indicates whether cross-domain session information is exchanged using a POST request instead of a GET request, such as when a user is using a Visualforce page. In this context, POST requests are more secure than GET requests. Available in API version 31.0 and later.
identityConfirmationOnEmailChange boolean Indicates if a user's identity is confirmed when changing their email address, instead of requiring a re-login. This field is available in API version 42.0 and later.
sessionTimeout string The length of time after which users without activity are prompted to log out or continue working. Valid values are FifteenMinutes, ThirtyMinutes, SixtyMinutes, TwoHours, FourHours, EightHours, TwelveHours
enableLightningLogin boolean If enabled (true), users can use Lightning Login (Salesforce Authenticator) to log in instead of a password. Available in API Version 47.0 and later.
enableLightningLoginOnlyWithUserPerm boolean If enabled (true), only users with the Lightning Login User permission can log in with Salesforce Authenticator instead of a password. Available in API version 47.0 and later.
enforceUserDeviceRevoked boolean If enabled, and a UserDevice's status is set to revoked, that device can't log in from a Salesforce app. Logins from browsers aren't affected. This field is available in API version 50.0 and later.
FileUploadAndDownloadSecurityRules list<object> A list of rules representing the security settings for uploading and downloading files.
 dispositions string Represents the metadata used to manage file type behavior.
 noHtmlUploadAsAttachment boolean Indicates whether to allow HTML uploads as attachments or document records.
lockSessionsToIp boolean Indicates whether user sessions are locked to the IP address from which the user logged in (true) or not (false).
redirectBlockModeEnabled boolean If true, users can't access untrusted URLs outside the salesforce.com domain via links in a web tab. When a user clicks the link, a message informs the user that they can't access the page because the external site isn't trusted. The default is false.
referrerPolicyDirective string The HTTP referrer policy directive for pages served by Salesforce. The default is origin-when-cross-origin. If referrerPolicy is false, this value has no effect. Valid values are: origin-when-cross-origin, no-referrer, no-referrer-when-downgrade, origin, same-origin, strict-origin, strict-origin-when-cross-origin, and unsafe-url
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableRestrictAccessLookupRecords boolean Indicates whether users must have read access to a record to see the record's name in lookup and system fields (true) or not (false). This field has a default value of true in Salesforce orgs created in Spring '20 or later and a default value of false in all other orgs. This field is available in API version 48.0 and later.
enableSecureGuestAccess boolean When true, guest users have organization-wide defaults set to Private. To share records with them, guest user sharing rules must be used.
enableAssetSharing boolean Indicates whether sharing is enabled for assets (true) or asset access is determined by the parent object's sharing rules (false). This field has a default value of false.
enableAccountRoleOptimization boolean Indicates whether person roles are assigned to new site users in accounts without existing users (true) or if regular site roles are created for new users (false). This field has a default value of false.
enableCommunityUserVisibility boolean Indicates whether site users in the same site can see each other regardless of the organization-wide defaults (true) or not (false). This field has a default value of false. In orgs created in API version 47.0 and later, this setting doesn't apply to guest users.
enablePartnerSuperUserAccess boolean Indicates whether you can grant super user access to partners in sites (true) or not (false). This field has a default value of false. To use this field, you need the 'Customize Application' permission.
deferGroupMembership boolean Indicates whether group membership calculations are suspended (true) or not (false). This field has a default value of false. This field is available in API version 49.0 and later.
deferSharingRules boolean Indicates whether sharing rule calculations are suspended (true) or not (false). This field has a default value of false. This field is available in API version 49.0 and later.
enablePortalUserVisibility boolean Indicates whether portal users in the same customer or partner portal account can see each other regardless of the organization-wide defaults (true) or not (false). This field has a default value of false. To enable this field, contact Salesforce Support.
enableRemoveTMGroupMembership boolean Removes group membership info for the original territory management feature after migrating to Enterprise Territory Management when set to true. This field has a default value of false. Once this field is set to true, it can't be set to false again.
enableTerritoryForecastManager boolean Indicates whether forecast managers can act as delegated administrators for territories below them in the hierarchy (true) or not (false). This field has a default value of false.
enableManagerGroups boolean Indicates whether users can share records with their managers and manager subordinates groups (true) or not (false). This field has a default value of false. To use this field, you need the 'View and Manage Users' permission.
enableManualUserRecordSharing boolean Indicates whether users can share their own user record (true) or not (false). This field has a default value of false.
enableStandardReportVisibility boolean Indicates whether users can view reports based on standard report types that may expose data of users to whom they don't have access (true) or not (false). This field has a default value of false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableCaseInsensitiveFederationID boolean If you enable Make Federation ID case-insensitive (true), the Federation ID field on a user object isn't case-sensitive. If disabled (false), the Federation ID field remains case-sensitive. The default is false.
enableSamlLogin boolean If you enable 'SAML Enabled' (true), users can SSO into Salesforce from providers via SAML. The default isn't enabled (false).
enableMultipleSamlConfigs boolean If true (default), you can configure multiple SAML providers. After enabling the setting, it can't be disabled.
enableSamlJitProvisioning boolean If you enable User Provisioning Enabled (true), you can provision users through a SAML assertion (called just-in-time provisioning). Requires EnableSamlLogin to be true and enableMultipleSamlConfigs to be false. The default is enabled (false).
enableForceDelegatedCallout boolean If you enable Force Delegated Authentication Callout (true), a callout to the SSO endpoint occurs regardless of login restriction failures. If disabled (false), the default, and if a user's first login attempt fails due to login restrictions within the Salesforce org, a call isn't made to the SSO endpoint.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableTopicsInSites boolean Indicates whether guest and authenticated external users can view topics in Salesforce Sites and Salesforce portals (true) or not (false). The default value is false.
enableSitesRecordReassignOrgPref boolean When true, indicates when the org assigns records created by guest users of a site to a default owner in the org. When false, the guest user remains the owner of the record. The default value is false. Available in API version 48.0 and later.
enableProxyLoginICHeader boolean Indicates whether security tokens for API logins from callouts (in API version 31.0 and earlier) are required (true) or not (false). The default value is true.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
UserPreferencesHideEndUserOnboardingAssistantModal boolean Reserved for future use.
UserPreferencesShowPostalCodeToExternalUsers boolean Indicates the visibility of the postal or ZIP code field in the user's contact information. Postal code is visible only to internal members of the user's organization when this field is false. Postal code is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowPostalCodeToGuestUsers is true, which overrides this field's value External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
DefaultCurrencyIsoCode string The user's default currency setting for new records. For example, if a user in France sets DefaultCurrencyIsoCode to euros, then that's their default currency. Only applicable for organizations that use multiple currencies.
Manager string User lookup field used to select the user's manager. This field establishes a hierarchical relationship, preventing you from selecting a user that directly or indirectly reports to themselves.
NumberOfFailedLogins number The number of failed login attempts for the user's account. When the maximum number of failed login attempts is reached, the counter resets and the user's account is locked. If there's a successful login before the maximum number of failed login attempts is reached, the counter resets and the user's account remains unlocked.
UserPreferencesDisableWorkEmail boolean When false, the user receives emails related to WDC feedback, goals, and coaching. The user must also sign up for individual emails listed on the WDC email settings page. When true, the user doesn't receive any emails related to WDC feedback, goals, or coaching even if they're signed up for individual emails.
WirelessEmail string Wireless email address associated with this user. For use with Salesforce Wireless Edition. This field is available only if the Wireless and Email permissions are enabled for your organization.
Latitude number Used with Longitude to specify the geolocation of an address. Acceptable values are numbers between -90 and 90 up to 15 decimal places.
UserPermissionsJigsawProspectingUser boolean Indicates whether the user is allocated one Data.com user license (true) or not (false). The Data.com user license lets the user add Data.com contact and lead records to Salesforce in supported editions. Label is Data.com User.
UserPreferencesDisableProfilePostEmail boolean When false, the user automatically receives email every time someone posts to the user's profile.
PortalRole string The role of the user in the Customer Portal (either "Executive", "Manager", "User", or "PersonAcount")
IsPartner boolean Indicates whether the user is a partner who has access to the partner portal (true) or not (false). This field isn't available for release 9.0 and later. Instead, use UserType with the value Partner or Power Partner.
LastReferencedDate number The timestamp for when the current user last viewed a record related to this record.
OfflineTrialExpirationDate number The date and time when the user's Connect Offline trial expires.
SenderName string The name used as the email sender when the user sends emails. This name is the same value shown in Setup on the My Email Settings page.
UserPermissionsKnowledgeUser boolean Indicates whether the user is enabled to use Salesforce Knowledge (true) or not (false). Label is Knowledge User.
Alias string The user's alias. For example, jsmith.
DefaultDivision string This record's default division. Only applicable if divisions are enabled.
Extension string The user's phone extension number.
UserPermissionsSiteforcePublisherUser boolean Indicates whether the user is allocated one Site.com Publisher feature license (true) or not (false). Label is Site.com Publisher User. The Site.com Publisher feature license grants the user access to the Site.com application. Users with a Publisher license can build and style websites, control the layout and functionality of pages and page elements, and add and edit content.
UserPreferencesDisableChangeCommentEmail boolean When false, the user automatically receives email every time someone comments on a change the user has made, such as an update to their profile.
UserPreferencesDisProfPostCommentEmail boolean When false, the user automatically receives email every time someone comments on posts on the user's profile.
UserPermissionsSiteforceContributorUser boolean Indicates whether the user is allocated one Site.com Contributor feature license (true) or not (false). Label is Site.com Contributor User. The Site.com Contributor feature license grants the user access to the Site.com application. Users with a Contributor license can use Site.com Studio to edit site content only.
UserPreferencesDisableFeedbackEmail boolean When false, the user automatically receives emails related to WDC feedback. The user receives these emails when someone requests or offers feedback, shares feedback with the user, or reminds the user to answer a feedback request.
UserPreferencesShowManagerToExternalUsers boolean Indicates the visibility of the manager field in the user's contact information. Manager is visible only to internal members of the user's organization when this field is false. Manager is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
UserPreferencesShowFaxToGuestUsers boolean Indicates the visibility of the fax number field in the user's contact information. When true, the fax number field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowFaxToExternalUsers, making the user's fax number visible to guests. The default value is false.
UserPreferencesTaskRemindersCheckboxDefault boolean When true, a reminder popup is automatically set on the user's tasks. Corresponds to the By default, set reminder on Tasks to... checkbox on the Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
Address object Address of the user.
 Longitude number Used with Latitude to specify the precise geolocation of the address.
 Street string The street detail for the address.
 Accuracy string Accuracy level of the geocode for the mailing address.
 City string The city detail for the address.
 CountryCode string The ISO country code for the address.
 Latitude number Used with Longitude to specify the precise geolocation of the address.
 Country string The country detail for the address.
 PostalCode string The postal code for the address.
 State string The state detail for the address.
 StateCode string The ISO state code for the address.
GeocodeAccuracy string The level of accuracy of a location's geographical coordinates compared with its physical address. A geocoding service typically provides this value based on the address's latitude and longitude coordinates.
StateCode string The ISO state code associated with the user.
UserRoleId string ID of the user's UserRole. Label is Role ID.
DigestFrequency string The send frequency of the user's Chatter personal email digest. The valid values are: "D" (Daily), "W" (Weekly), "N" (Never). The default value is "D".
Street string The street address associated with the User.
UserPreferencesApexPagesDeveloperMode boolean When true, indicates that the user has enabled developer mode for editing Visualforce pages and controllers.
ForecastEnabled boolean Indicates whether the user is enabled as a forecast manager (true) or not (false). Forecast managers see forecast rollups from users below them in the forecast hierarchy.
SenderEmail string The email address used as the From address when the user sends emails. This address is the same value shown in Setup on the My Email Settings page.
UserPreferencesActivityRemindersPopup boolean When true, a reminder window automatically opens when an activity reminder is due. Corresponds to the Trigger alert when reminder comes due checkbox at the Reminders page in the personal settings in the user interface.
UserPreferencesDisableSharePostEmail boolean When false, the user automatically receives email every time their post is shared.
UserPreferencesDisCommentAfterLikeEmail boolean When false, the user automatically receives email every time someone comments on a post that the user liked. This field is available in API version 24.0 and later.
BannerPhotoUrl string The URL for the user's banner photo. This field is available in API version 36.0 and later.
Email string The user's email address.
FederationIdentifier string Indicates the value that must be listed in the Subject element of a Security Assertion Markup Language (SAML) IDP certificate to authenticate the user for a client application using single sign-on. This value must be specified if the SAML User ID Type is Assertion contains Federation ID from the User record. Otherwise, this field can't be edited.
UserPreferencesReceiveNotificationsAsDelegatedApprover boolean Controls email notifications from the approval process for delegated approvers. If true, emails are enabled. If false, emails are disabled. The default value is false.
UserPreferencesShowManagerToGuestUsers boolean Indicates the visibility of the manager field in the user's contact information. When true, the manager field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowManagerToExternalUsers, making the user's manager visible to guests. The default value is false.
UserPreferencesContentNoEmail boolean When false, a user with Salesforce CRM Content subscriptions receives email notifications if activity occurs on the subscribed content, libraries, tags, or authors. To receive real-time email alerts, set this field to false and set the UserPreferencesContentEmailAsAndWhen field to true. The default value is false.
UserPreferencesEventRemindersCheckboxDefault boolean When true, a reminder popup is automatically set on the user's events. Corresponds to the By default, set reminder on Events to... checkbox on the Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
UserPreferencesHideSfxWelcomeMat boolean Controls whether a user sees the Lightning Experience new user message. That message welcomes users to the new interface and provides step-by-step instructions that describe how to return to Salesforce Classic.
UserPreferencesDisableFileShareNotificationsForApi boolean When false, email notifications are sent from the person who shared the file to the users that the file is shared with.
UserPermissionsSFContentUser boolean Indicates whether the user is allocated one Salesforce CRM Content User License (true) or not (false). Label is Salesforce CRM Content User. The Salesforce CRM Content User license grants the user access to the Salesforce CRM Content application.
UserPreferencesHideBiggerPhotoCallout boolean When true, users can choose to hide the callout text below the large profile photo.
UserPreferencesShowTitleToGuestUsers boolean Indicates the visibility of the business title field in the user's contact information. When true, title is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site.When true, this field overrides the value false in UserPreferencesShowTitleToExternalUsers, making the user's title visible to external members. The default value is false.
UserType string The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles. The valid values are "Standard" (user license. This user type also includes Salesforce Platform and Salesforce Platform One user licenses. Label is Standard), "PowerPartner" (User whose access is limited because they're a partner and typically access the application through a partner portal or Experience Cloud site. Label is Partner), "CSPLitePortal" (user whose access is limited because they're an org's customer and access the application through a Customer Portal or Experience Cloud site. Label is High Volume Portal), "CustomerSuccess" (user whose access is limited because they're an org's customer and access the application through a Customer Portal. Label is Customer Portal User.), "PowerCustomerSuccess" (user whose access is limited because they're an org's customer and access the application through a Customer Portal. Label is Customer Portal Manager). Users with this license type can view and edit data they directly own or data owned by or shared with users below them in the Customer Portal role hierarchy: "CsnOnly" (user whose access to the application is limited to Chatter. This user type includes Chatter Free and Chatter moderator users. Label is Chatter Free), "Guest" (user whose access is limited because they're an unauthenticated user without login credentials. Label is Guest)
EmailPreferencesAutoBcc boolean Determines whether the user receives copies of sent emails. This option applies only if compliance BCC emails aren't enabled.
IsPortalSelfRegistered boolean Indicates whether the user is a Customer Portal user who self-registered for your organization's Customer Portal (true) or not (false).
Title string The user's business title, such as Vice President.
TimeZoneSidKey string This field is a restricted picklist field. A User time zone affects the offset used when displaying or entering times in the user interface. But the API doesn't use a User time zone when querying or setting values. Values for this field are named using region and key city, according to ISO standards. You can also manually set one User time zone in the user interface, and then use that value for creating or updating other User records via the API.
UserPreferencesShowStreetAddressToGuestUsers boolean Indicates the visibility of the street address field in the user's contact information. When true, the street address field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowStreetAddressToExternalUsers, making the user's street address visible to guests. The default value is false.
UserPreferencesSuppressTaskSFXReminders boolean When true, task reminders don't appear. Corresponds to the Show task reminders in Lightning Experience. checkbox on the Activity Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
DelegatedApproverId string Id of the user who is a delegated approver for this user.
FirstName string The user's first name.
Signature string The signature text added to emails. This text is the same value shown in Setup on the My Email Settings page.
UserPermissionsWorkDotComUserFeature boolean Indicates whether the WDC feature is enabled for the user (true) or not (false).
UserPreferencesHideS1BrowserUI boolean Controls the interface that the user sees when logging in to Salesforce from a supported mobile browser. If false, the user is automatically redirected to the Salesforce mobile web. If true, the user sees the full Salesforce site. The default value is false. Label is Salesforce User.
UserPreferencesShowCountryToExternalUsers boolean Indicates the visibility of the country field in the user's contact information. Country is visible only to internal members of the user's organization when this field is false. Country is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowCountryToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
CommunityNickname string Name used to identify this user in the Experience Cloud site.
LastLoginDate number The date and time when the user last successfully logged in. This value is updated if 60 seconds elapses since the user's last login.
UserPermissionsOfflineUser boolean Indicates whether the user is enabled to use Offline Edition (true) or not (false). Label is Offline User.
UserPermissionsLiveAgentUser boolean Indicates whether the user is enabled to use Chat (true) or not (false). Label is Live Agent User.
IsPrmSuperUser boolean Available for partner portal users only. Indicates whether the user has super user access in the partner portal (true) or not (false).
IsProfilePhotoActive boolean Indicates whether a user has a profile photo (true) or not (false).
Username string Contains the name that a user enters to log in to the API or the user interface. The value for this field must be in the form of an email address, using all lowercase characters. It must also be unique across all organizations. If you try to create or update a User with a duplicate value for this field, the operation is rejected.
SmallBannerPhotoUrl string The URL for the small user profile banner photo.
UserPermissionsMarketingUser boolean Indicates whether the user is enabled to manage campaigns in the user interface (true) or not (false). Label is Marketing User.
UserPreferencesUserDebugModePref boolean When true, the Lightning Component framework executes in debug mode for the user. Corresponds to the Debug Mode checkbox on the Advanced User Details page of personal settings in the user interface.
ReceivesInfoEmails boolean Indicates whether the user receives informational email from Salesforce (true) or not (false).
UserPermissionsWirelessUser boolean Required if the Wireless permission is enabled. Indicates whether the user is enabled to use Wireless Edition (true) or not (false). Label is Wireless User.
UserPreferencesDisableFollowersEmail boolean When false, the user automatically receives email every time someone starts following the user in Chatter.
UserPreferencesLightningExperiencePreferred boolean When true, redirects the user to the Lightning Experience interface. Label is Switch to Lightning Experience.
UserPreferencesOptOutOfTouch boolean When false, the user automatically accesses the Salesforce Touch app when logging in to Salesforce from an iPad. If true, automatic access to the Salesforce Touch app is turned off and the user's iPad is directed to the full Salesforce site instead. The default value is false.
CompanyName string The name of the user's company.
Longitude number Used with Latitude to specify the geolocation of an address. Acceptable values are numbers between -180 and 180 up to 15 decimal places.
MobilePhone string The user's mobile device number.
UserPreferencesShowTitleToExternalUsers boolean Indicates the visibility of the business title field in the user's contact information. Title is visible only to internal members of the user's organization when this field is false. Title is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowTitleToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is true.
PostalCode string The user's postal or ZIP code. Label is Zip/Postal Code.
UserPermissionsCallCenterAutoLogin boolean Required if Salesforce CRM Call Center is enabled. Indicates whether the user is enabled to use the auto login feature of the call center (true) or not (false).
UserPreferencesDisableBookmarkEmail boolean When false, the user automatically receives email every time someone comments on a Chatter feed item after the user has bookmarked it.
UserPreferencesDisableRewardEmail boolean When false, the user automatically receives emails related to WDC rewards. The user receives these emails when someone gives a reward to the user.
BadgeText string The Experience Cloud site role, displayed on the user profile page just below the user name.
City string The city associated with the user.
IsActive boolean Indicates whether the user has access to log in (true) or not (false). You can modify a User's active status from the user interface or via the API.
UserPreferencesJigsawListUser boolean When true, the user is a Data.com List user so shares record additions from a pool. UserPermissionsJigsawProspectingUser must also be set to true. Label is Data.com List User.
UserPreferencesShowFaxToExternalUsers boolean Indicates the visibility of the fax number field in the user's contact information. Fax number is visible only to internal members of the user's organization when this field is false. Fax number is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
Id string The unique identifier of User
UserPermissionsInteractionUser boolean Indicates whether the user can run flows or not. Label is Flow User.
UserPreferencesDisableMentionsPostEmail boolean When false, the user automatically receives email every time they're mentioned in posts.
MiddleName string The user's middle name.
ProfileId string Profile ID of the user's Profile. Use this value to cache metadata based on profile.
UserPreferencesEnableAutoSubForFeeds boolean When true, the user automatically subscribes to feeds for any objects that the user creates.
UserPreferencesDisableMessageEmail boolean When false, the user automatically receives email for Chatter messages sent to the user.
UserPreferencesShowStreetAddressToExternalUsers boolean Indicates the visibility of the street address field in the user's contact information. The address is visible only to internal members of the user's organization when this field is false. The address is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses.The default value is false.
LastModifiedDate number The time when the User was last modified by a user
AccountId string ID of the Account associated with a Customer Portal user. This field is null for Salesforce users.
EmailEncodingKey string The email encoding for the user, such as ISO-8859-1 or UTF-8.
UserPreferencesShowWorkPhoneToGuestUsers boolean Indicates the visibility of the work phone field in the user's contact information. When true, the work phone field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowWorkPhoneToExternalUsers, making the user's work phone visible to guests. The default value is false.
UserPreferencesSortFeedByComment boolean Specifies the data value used in sorting a user's feed. When true, the feed is sorted by most recent comment activity. When false, the feed is sorted by post date.
UserPreferencesDisableLaterCommentEmail boolean When false, the user automatically receives email every time someone comments on a feed item after the user has commented on the feed item.
Department string The company department associated with the user.
Name string Concatenation of FirstName and LastName.
State string The state associated with the User.
LanguageLocaleKey string The user's language, such as French or Chinese (Traditional). Label is Language.
CreatedById string User The unique identifier (id) for the User who created the User.
CurrentStatus string Text that describes what the user is working on.
UserPreferencesReceiveNoNotificationsAsApprover boolean Controls email notifications from the approval process for approvers. If true, emails are disabled. If false, emails are enabled. The default value is false.
UserPreferencesShowProfilePicToGuestUsers boolean Indicates the visibility of the user's profile photo. When true, the photo is visible to guest users in an Experience Cloud site. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When false, this field returns the stock photo. The default value is false.
CreatedDate number The time when the User was created
ReceivesAdminInfoEmails boolean Indicates whether the user receives email for administrators from Salesforce (true) or not (false).
UserPreferencesHideSecondChatterOnboardingSplash boolean When true, the secondary Chatter onboarding prompts don't appear.
SmallPhotoUrl string The URL for a thumbnail of the user's profile photo. This field is available even if Chatter is disabled. The URL is updated every time a photo is uploaded and reflects the most recent photo. If a newer photo is uploaded, the URL returned for an older photo isn't guaranteed to return a photo. Query this field for the URL of the most recent photo.
UserPermissionsChatterAnswersUser boolean Indicates whether the portal user is enabled to use the Chatter Answers feature (true) or not (false). This field defaults to false when a Customer Portal user is created from the API.
UserPreferencesDisMentionsCommentEmail boolean When false, the user automatically receives email every time the user is mentioned in comments.
AboutMe string Information about the user, such as areas of interest or skills. This field is available even if Chatter is disabled.
ContactId string ID of the Contact associated with this account. The contact must have a value in the AccountId field or an error occurs.
Division string The division associated with this user, similar to Department, and unrelated to DefaultDivision.
UserPreferencesDisableAllFeedsEmail boolean When false, the user automatically receives email for all updates to Chatter feeds, based on the types of feed emails and digests the user has enabled.
UserPreferencesHideCSNGetChatterMobileTask boolean When true, the Chatter recommendations panel never displays the recommendation to install Chatter Mobile.
UserPreferencesNativeEmailClient boolean Use this field to set a default email preference for the user's native email client. This field is available in API version 47.0 and later. The default value is false, corresponding to the Salesforce docked email composer.
UserPreferencesPathAssistantCollapsed boolean When true, Sales Path appears collapsed or hidden to the user.
UserPreferencesShowEmailToExternalUsers boolean Indicates the visibility of the email address field in the user's contact information. Email address is visible only to internal members of the user's organization when this field is false. Email address is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. When false, this field returns the value #N/A. The default value is false.
CallCenterId string If Salesforce CRM Call Center is enabled, represents the call center that this user is assigned to.
FullPhotoUrl string The URL for the user's profile photo. This field is available even if Chatter is disabled. The URL is updated every time a photo is uploaded and reflects the most recent photo. If a newer photo is uploaded, the URL returned for an older photo isn't guaranteed to return a photo. Query this field for the URL of the most recent photo.
UserPermissionsSupportUser boolean When true, the user can use the Salesforce console.
UserPreferencesShowStateToGuestUsers boolean Indicates the visibility of the state field in the user's contact information. When true, state is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site.When true, this field overrides the value false in UserPreferencesShowStateToExternalUsers, making the user's state visible to external members. The default value is false.
LocaleSidKey string This field is a restricted picklist field. The value of the field affects formatting and parsing of values, especially numeric values, in the user interface. It doesn't affect the API. The field values are named according to the language, and the country if necessary, using two-letter ISO codes. The set of names is based on the ISO standard. You can also manually set a user's locale in the user interface, and then use that value for inserting or updating other users via the API.
LastModifiedById string User The unique identifier (id) for the User who modified the User recently.
Country string The country associated with the user.
LastName string The user's last name.
LastViewedDate number The timestamp for when the current user last viewed this record. If this value is null, it's possible that this record was referenced (LastReferencedDate) but not viewed.
UserPreferencesReminderSoundOff boolean When true, a sound automatically plays when an activity reminder is due. Corresponds to the Play a reminder sound checkbox on the Reminders page in the user interface.
UserPreferencesSuppressEventSFXReminders boolean When true, event reminders don't appear. Corresponds to the Show event reminders in Lightning Experience checkbox on the Activity Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
UserPreferencesShowCityToGuestUsers boolean Indicates the visibility of the city field in the user's contact information. When true, city is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowCityToExternalUsers, making the user's city visible to external members. The default value is false.
DefaultGroupNotificationFrequency string The default frequency for sending the user's Chatter group email notifications when the user joins groups. The valid values are "P" (Email on every post), "D" (Daily digests), "W" (Weekly digests), "N" (Never). The default value is "N". For Professional, Enterprise, Unlimited, and Developer Edition organizations that existed before API version 22.0, the default value remains "D".
JigsawImportLimitOverride number The Data.com user's monthly addition limit. The value must be between zero and the organization's monthly addition limit. Label is Data.com Monthly Addition Limit.
UserPreferencesHideCSNDesktopTask boolean When true, the Chatter recommendations panel never displays the recommendation to install Chatter Desktop.
Suffix string The user's name suffix.
UserPreferencesDisableLikeEmail boolean When false, the user automatically receives email every time someone likes their post or comment.
UserPreferencesShowEmailToGuestUsers boolean Indicates the visibility of the email address field in the user's contact information. When true, the email address is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowEmailToExternalUsers, making the user's email address visible to guests. The default value is false.
EmployeeNumber string The user's employee number.
IndividualId string ID of the data privacy record associated with this user. This field is available if Data Protection and Privacy is enabled.
ManagerId string The Id of the user who manages this user.
UserPreferencesHideLightningMigrationModal boolean Reserved for future use.
UserPreferencesShowCityToExternalUsers boolean Indicates the visibility of the city field in the user's contact information. City is visible only to internal members of the user's organization when this field is false. City is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowCityToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses.
UserPreferencesShowWorkPhoneToExternalUsers boolean Indicates the visibility of the work phone number field in the user's contact information. The number is visible only to internal members of the user's organization when this field is false. The number is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses.The default value is false.
SystemModstamp number The time when the User was last modified by a user or an automated process (such as a trigger)
CountryCode string The ISO country code associated with the user.
IsPortalEnabled boolean Indicates whether an active, external, user has access to Experience Cloud sites or portals (true) or not (false). This field is only available if one of these conditions is true: Digital experiences is enabled and you have community or portal user licenses, Portals are enabled.
UserPreferencesShowStateToExternalUsers boolean Indicates the visibility of the state field in the user's contact information. State is visible only to internal members of the user's organization when this field is false. State is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowStateToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
Fax string The user's fax number.
UserPreferencesDisableEndorsementEmail boolean When false, the member automatically receives email every time someone endorses them for a topic.
UserPreferencesShowCountryToGuestUsers boolean Indicates the visibility of the country field in the user's contact information. When true, country is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowCountryToExternalUsers, making the user's country visible to external members. The default value is false.
UserPreferencesHideChatterOnboardingSplash boolean When true, the initial Chatter onboarding prompts don't appear.
UserPreferencesShowMobilePhoneToGuestUsers boolean Indicates the visibility of the mobile phone field in the user's contact information. When true, the mobile phone field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowMobilePhoneToExternalUsers, making the user's mobile phone visible to guests. The default value is false.
UserPreferencesShowPostalCodeToGuestUsers boolean Indicates the visibility of the postal or ZIP code field in the user's contact information. When true, postal code is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowPostalCodeToExternalUsers, making the user's postal code visible to external members. The default value is false.
MediumBannerPhotoUrl string The URL for the medium-sized user profile banner photo.
Phone string The user's phone number.
UserPreferencesContentEmailAsAndWhen boolean When false, a user with Salesforce CRM Content subscriptions receives a once-daily email summary if activity occurs on the subscribed content, libraries, tags, or authors. To receive email, the UserPreferencesContentNoEmail field must also be false. The default value is false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableNewProfileUI boolean If you enable Enhanced Profile User Interface (true), you can use the streamlined, enhanced profile user interface to browse, search, and modify settings. You can use only one user interface at a time.
enableProfileFiltering boolean With profile filtering enabled (true), you can restrict who sees profile names to the users who require the access for their job roles. If profile filtering is disabled (false), users can see all profiles in a Salesforce org, regardless of which permissions they have.
enableUserSelfDeactivate boolean If you enable User Self Deactivate (true), users can deactivate their Experience Cloud site or Chatter accounts.
enableConcealPersonalInfo boolean Indicates if personal information fields in user records are hidden from external users (true) or not (false). When this field is set to true, 10 personal information fields are hidden. The default value is false. This field is unavailable for orgs created in Winter '22 or later. Salesforce recommends that you use the enableEnhancedConcealPersonalInfo field instead of enableConcealPersonalInfo. Before you set the enableEnhancedConcealPersonalInfo field to true, make sure that enableConcealPersonalInfo is set to false.
enableContactlessExternalIdentityUsers boolean If true and your org has the External Identity license, you can create contactless users. Having users without contact information reduces the overhead of managing customers. Purchase the External Identity license to access the Customer 360 Identity product. The default is false. Available in API version 47.0 and later.
enableEnhancedProfileMgmt boolean If you enable Enhanced Profile Lists Views (true), you can quickly view, customize, and edit list data.
enableScrambleUserData boolean If you enable Let Users Scramble Their User Data (true), users can request that Salesforce remove all their personal data. Because Salesforce can't delete information, it scrambles their data. Scrambling a user's data is unrecoverable. So this org-wide setting serves as an extra precaution. If a user requests it, you scramble the data programmatically with the obfuscateUser Apex method. You can use the method, for example, in a custom Apex trigger, workflow, or the Developer Console. This field is available in API version 47.0 and later.
restrictedProfileCloning boolean When enabled (true), only permissions accessible to your org are enabled when you clone profiles. When disabled (false), all permissions currently enabled in the source profile are also enabled for the cloned profile, even if your org can't currently access them. This field is available in API version 50.0 and later.
enableEnhancedConcealPersonalInfo boolean Indicates if personal information fields in user records are hidden from external users (true) or not (false). When this field is set to true, you can choose which fields are classified as personal information and hidden on the User Management Settings Setup page. The default value is false. This field is available in API version 53.0 and later. Before you set the enableEnhancedConcealPersonalInfo field to true, make sure that enableConcealPersonalInfo is set to false.
enableEnhancedPermsetMgmt boolean If you enable Enhanced Permission Set Component Views (true), you can work with permission sets more easily. For example, when you have large numbers of Apex class assignments for permission sets, you can enable a paginated result set, standard filtering, and sorting.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
LastModifiedDate number The time when the UserProvisioningConfig was last modified by a user
SystemModstamp number The time when the UserProvisioningConfig was last modified by a user or an automated process (such as a trigger)
approvalRequired string Denotes whether approvals are required for provisioning users for the associated connected app. If the value is null, no approval is required.
DeveloperName string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
ReconFilter string When collecting and analyzing users on a third-party system, the plug-in uses this filter to limit the scope of the collection.
Id string The unique identifier of UserProvisioningConfig.
Language string The two- to five-character code that represents the language and locale ISO. This code controls the language for labels displayed in an application.
MasterLabel string The primary label for this object. This value is the internal label that doesn't get translated.
OnUpdateAttributes string Lists the user attributes, as comma-separated values, that generate a UserProvisioningRequest object during an update.
CreatedById string User The unique identifier (id) for the User who created the UserProvisioningConfig.
LastModifiedById string User The unique identifier (id) for the User who modified the UserProvisioningConfig recently.
ConnectedAppId string ConnectedApplication The 18-digit application ID for the connected app.
Enabled boolean Indicates whether user provisioning is enabled for the associated connected app (true) or not (false).
EnabledOperations string Lists the operations, as comma-separated values, that create a user provisioning request for the associated connected app. Allowed values are: Create, Update, EnableAndDisable (activation and deactivation), SuspendAndRestore (freeze and unfreeze).
LastReconDateTime number The date and time when user accounts were last reconciled between Salesforce and the target system.
NamespacePrefix string The namespace prefix that is associated with this object. Each Developer Edition org that creates a managed package has a unique namespace prefix. Limit: 15 characters. You can refer to a component in a managed package by using the namespacePrefix__componentName notation.
UserAccountMapping string Stores the attributes used to link the Salesforce user to the account on the third-party system, in JSON format.
CreatedDate number The time when the UserProvisioningConfig was created
NamedCredentialId string Salesforce ID of the named credential that's used for a request. The named credential identifies the third-party system and the third-party authentication settings.
Notes string A utility field for administrators to add any additional information about the configuration. This field is for internal reference only, and is not used by any process.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
DeveloperName string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
PortalAccountOwnerId string The ID of the role's associated portal account's owner.
MayForecastManagerShare boolean Indicates whether the forecast manager can manually share their own forecast.
PortalAccountId string The ID of the role's associated portal account.
PortalType string This value indicates the type of portal for the role: None, CustomerPortal, Partner.
OpportunityAccessForAccountOwner string The opportunity access level for the account owner. Note that you can't set a user role with an opportunity access less than that specified in organization-wide defaults.
RollupDescription string Description of the forecast rollup
ParentRoleId string The ID of the parent role.
CaseAccessForAccountOwner string The case access level for the account owner.
ContactAccessForAccountOwner string The contact access level for the account owner.
ForecastUserId string The ID of the forecast manager associated with this role.
Id string The unique identifier of UserRole.
LastModifiedById string User The unique identifier (id) for the User who modified the UserRole.
LastModifiedDate number The time when the User was last modified by a user
Name string Name of the role.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION