ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableRelateContactToMultipleAccounts | boolean | Indicates whether users can relate a contact to multiple accounts (true) or only one account (false). The default value is false. If this feature (Contacts to Multiple Accounts) is disabled, secondary contact-account relationships created while the feature was enabled are deleted. Available in API version 47.0 and later. Avoid using the Metadata API to enable this feature. Use the Account Settings page in Setup to enable Contacts to Multiple Accounts. | |
enableAccountOwnerReport | boolean | Indicates whether Account Owner Report can (true) or can't (false) be run by all users. | |
enableAccountHistoryTracking | boolean | Indicates whether history tracking is enabled for accounts (true) or not (false). The default value is false. If history tracking is disabled, the History related list is removed from account page layouts. However, history data is still available for reporting up to the date and time when tracking was disabled. Available in API version 47.0 and later. | |
enableContactHistoryTracking | boolean | Indicates whether history tracking is enabled for contacts (true) or not (false). Available in API version 46.0 and later. | |
showViewHierarchyLink | boolean | Indicates whether the default View Hierarchy link on all business account detail pages is visible (true) or hidden (false). | |
enableAccountTeams | boolean | Indicates whether account teams are enabled (true) or not (false). The Metadata API can't be used to disable account teams. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableDragAndDropScheduling | boolean | Lets users create events associated with records by dragging a record from a list view onto a calendar view and entering the details of the event in an overlay. Hovering over an event displays an overlay where users can view the event details or delete the event without leaving the page. Admins use a mini page layout to configure the fields shown in the overlays. Admins control this field on the User Interface settings page. | |
enableGroupTasks | boolean | Lets users assign independent copies of a new task to multiple users. Admins control this field on the Activity Settings page. | |
enableRollUpActivToContactsAcct | boolean | Enables a contact's activities to be rolled up and displayed on the contact's primary account. Default value is true. Available in API versions 47.0 and later. | |
showCustomLogoMeetingRequests | boolean | Displays a custom logo in meeting request emails and on a meeting's Web page. Invitees see the logo when a user either invites them to an event or requests a meeting. Admins control this field on the Activity Settings page. | |
showHomePageHoverLinksForEvents | boolean | In the calendar section of the Home tab. When a user hovers over the subject of an event, a hover link displays an overlay with selected event details. (Hover links are always available in other calendar views.) When a user clicks the subject of an event, displays the event detail page. Admins use a mini page layout to configure the fields shown in the overlay. Admins control this field on the User Interface settings page. | |
enableUNSTaskDelegatedToNotifications | boolean | On the Activity Settings page, exposes a setting for Admins to hide or show a user setting that lets individual users enable or disable email notifications when tasks are assigned to them. | |
showMyTasksHoverLinks | boolean | In the My Tasks section of the Home tab and on the calendar day view. When a user hovers over the subject of a task, a hover link displays an overlay with selected task details. When a user clicks the subject of a task, displays the task detail page. Admins use a mini page layout to configure the fields shown in the overlay. Admins control this field on the User Interface settings page. | |
enableEmailTracking | boolean | Enables tracking of outbound HTML emails if an organization uses HTML email templates. Admins control this field on the Activity Settings page. | |
enableActivityReminders | boolean | Enables popup activity reminders for an organization. Admins control this field on the Activity Settings page. | |
enableListViewScheduling | boolean | Extends the functionality of enableDragAndDropScheduling and enableClickCreateEvents to list view calendars. Admins control this field on the User Interface settings page. | |
enableRecurringEvents | boolean | Enables creation of events that repeat at specified intervals. Admins control this field on the Activity Settings page. | |
enableSimpleTaskCreateUI | boolean | Allows admins to specify whether tapping New Task in Salesforce opens a regular task record edit page or a page that displays key task fields first. Admins control this field on the Activity Settings page. | |
enableMultidayEvents | boolean | Enables creation of events that end more than 24 hours after they start. Admins control this field on the Activity Settings page. | |
enableSidebarCalendarShortcut | boolean | In the sidebar, displays a shortcut link to a user's last-used calendar view. Admins control this field on the Activity Settings page. | |
enableUserListViewCalendars | boolean | Allows users to create and view user list view calendars in Lightning Experience. Available in API versions 47.0 and later | |
allowUsersToRelateMultipleContactsToTasksAndEvents | boolean | This field indicates whether Shared Activities is enabled. When the value is true, allows users to relate multiple contacts to a task or event. | |
autoRelateEventAttendees | boolean | When users add attendees to events, events are automatically related to up to 50 contacts or one lead. An attendee is matched by their email address to a contact or lead. Admins control this field on the Activity Settings page. Available in API version 42.0 and later. | |
enableClickCreateEvents | boolean | Lets users create events in day and weekly calendar views by double-clicking a specific time slot and entering the details of the event in an overlay. Hovering over an event displays an overlay where users can view the event details or delete the event without leaving the page. Admins use a mini page layout to configure the fields shown in the overlays. Does not support recurring events or multi-person events. Admins control this field on the User Interface settings page. | |
enableRecurringTasks | boolean | Enables creation of tasks that repeat at specified intervals. Admins control this field on the Activity Settings page. | |
showEventDetailsMultiUserCalendar | boolean | Displays event details on-screen rather than in hover text. Admins control this field on the Activity Settings page. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableApexApprovalLockUnlock | boolean | Indicates whether approval process lock and unlock operations from Apex code are allowed (true) or not (false). The default value is false. | |
enableCompileOnDeploy | boolean | Indicates whether Apex code is automatically recompiled (true) or not (false). When set to true, code is recompiled before completing a metadata deployment, change set deployment, package installation, or package upgrade. The default value is true for production orgs and false for others. | |
enableAuraApexCtrlAuthUserAccessCheckPref | boolean | Indicates whether the Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile critical update is activated (true) or not (false). | |
enableGaplessTestAutoNum | boolean | Indicates whether autonumbering gaps are prevented by Apex test executions not incrementing autonumber fields for non-test records (true) or not (false). The default value is true. | |
enableMngdCtrlActionAccessPref | boolean | Indicates whether the Disable Access to Non-global Apex Controller Methods in Managed Packages critical update is activated (true) or not (false). | |
enableNonCertifiedApexMdCrud | boolean | Indicates whether Apex classes can access metadata, public or protected, through classes in the Metadata namespace (true) or not (false). The default value is false. | |
enableApexPropertyGetterPref | boolean | Indicates whether the Enforce Access Modifiers on Apex Properties in Lightning Component Markup critical update is activated (true) or not (false). | |
enableApexCtrlImplicitWithSharingPref | boolean | Indicates whether the Use with sharing for @AuraEnabled Apex Controllers with Implicit Sharing critical update is activated (true) or not (false) | |
enableDoNotEmailDebugLog | boolean | Indicates whether Apex debug log details are suppressed in unhandled exception emails (true) or not (false). The default value is false. | |
enableAggregateCodeCoverageOnly | boolean | Indicates whether aggregate (not detailed) totals are tracked for Apex test coverage data (true) or not (false). The default value is false. | |
enableAuraApexCtrlGuestUserAccessCheckPref | boolean | Indicates whether the Restrict Access to @AuraEnabled Apex Methods for Guest and Portal Users Based on User Profile critical update is activated (true) or not (false). | |
enableDisableParallelApexTesting | boolean | Indicates whether Apex tests are serially executed (true) or not (false). The default value is false. | |
enableSecureNoArgConstructorPref | boolean | Indicates whether Apex type visibility rules are strictly enforced for the Type.newInstance method (true) or not (false). The default value is false. When enabled, regardless of API version, you can instantiate only Apex classes with a no-arguments constructor that is visible to the code running Type.newInstance. Available in API version 48.0 and later. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
caSigned | boolean | Required. Indicates whether this certificate is signed by the issuer (true) or not (false). | |
fullName | string | Unique identifier for the certificate | |
expirationDate | number | The date the certificate expires and is no longer usable. | |
keySize | number | The size of the key in bits. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableRichLinkPreviewsInFeed | boolean | Indicates whether to convert links in posts into embedded videos, images, and article previews (true) or not to convert the links (false). In Setup, enableRichLinkPreviewsInFeed equates to the Chatter setting Allow Rich Link Previews. | |
unlistedGroupsEnabled | boolean | Indicates whether to allow the creation of unlisted groups (true) or to prevent their creation (false). When the value is set to true, users can create unlisted groups. Unlisted groups don't appear on the Groups list page. Membership in unlisted groups is by invitation only. In Setup, unlistedGroupsEnabled equates to the Chatter setting Enable Unlisted Groups. | |
enableFeedEdit | boolean | Indicates whether qualified users can edit feed posts and comments (true) or not (false). Qualified users include. The author of the post or comment. The person who owns the record that was posted to or commented on. The Chatter or site moderator. In Setup, enableFeedEdit equates to the Chatter setting Allow users to edit posts and comments. | |
enableFeedsRichText | boolean | Indicates whether to use the Rich Text Editor in the Chatter Publisher (true) or not (false). The rich text editor supports text formats, inline images, hyperlinks, and, when enabled for the org, code snippets. In Setup, enableFeedsRichText equates to the Chatter setting Allow users to compose rich text posts. | |
enableOutOfOfficeEnabledPref | boolean | Indicates whether to add an Out of Office setting to a user profile page (true), or to omit it (false). When the value is set to true, this option adds a control to user profile pages for setting a personal out-of-office message. In Setup, enableOutOfOfficeEnabledPref equates to the Chatter setting Users can set Out of Office message. | |
enableTodayRecsInFeed | boolean | Indicates whether to allow the posting of recommendations for using the Salesforce Today app in users' feeds (true) or not (false). When set to true, automatically posts recommendations for using the Salesforce Today app in users' feeds. In Setup, enableTodayRecsInFeed equates to the Chatter setting Allow Today Recommendations. | |
allowChatterGroupArchiving | boolean | Indicates whether manual and automatic group archiving are allowed on all Chatter groups (true) or aren't allowed (false). | |
enableFeedPinning | boolean | Indicates whether to allow the pinning of posts in a feed (true) or not (false). When set to true. Authorized users can pin posts to the top of the feed. The feed supports up to three pinned posts. Pinned posts stay pinned until they're unpinned. After post pinning is enabled, authorized users include admins and group owners and managers. Admins can also assign post pinning permission through permission sets or user profiles. In Setup, enableFeedPinning equates to the Chatter setting Allow post pinning. | |
enableInviteCsnUsers | boolean | Indicates whether a licensed user can invite customers to private groups that the licensed user owns or manages (true) or not (false). When the value is set to true, licensed users can invite customers who are from outside org email domains. Invited customers can see information only in the groups that they're invited to. They can interact only with members of those groups. In Setup, enableInviteCsnUsers equates to the Chatter setting Allow customer invitations. | |
enableChatter | boolean | Indicates whether Chatter is enabled for your org (true) or not (false). | |
enableChatterEmoticons | boolean | Indicates whether the automatic conversion of text characters, such as :), into a graphic emoticon is allowed in Chatter (true) or isn't allowed (false). In Setup, enableChatter equates to the Chatter setting Allow Emoticons. | |
enableFeedsDraftPosts | boolean | Indicates whether draft posts are automatically saved every seven seconds (true) or not (false). When set to true. Adds the My Drafts feed to the Chatter tab. Saves draft posts automatically every seven seconds. Makes drafts available in the My Drafts feed. When the user posts the entry, the draft is automatically removed from the My Drafts feed. In Setup, enableFeedsDraftPosts equates to the Chatter setting Allow draft posts. | |
allowRecordsInChatterGroup | boolean | Indicates whether records can be associated with groups (true), or not (false). If groups already have record data, setting this field to false doesn't delete it. In Setup, allowRecordsInChatterGroup equates to the Chatter setting Allow Records in Groups. | |
enableCaseFeedRelativeTimestamps | boolean | In Case feeds, indicates whether to use relative (true) or absolute (false) date and time stamp formats on Case feed items. When the value is true, Case feed items show a relative timestamp (for example, 10m ago). When the value is true, users can hover over the relative timestamp to see the absolute. When the value is false, Case feed items show an absolute timestamp (for example, January 7, 2020 at 12:15PM). When you change this setting, all timestamps in Case feeds reflect that change. The default value is true. This field is available in API version 48.0 and later. In Setup, enableCaseFeedRelativeTimestamps equates to the Chatter setting Show relative timestamp |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableGuestRecordReassignOrgPref | boolean | When true, allows admins to set a default owner for records created by guest users. Available in API version 48.0 and later. | |
enableInviteChatterGuestEnabled | boolean | When true, allows guest users to be invited to use Chatter. Available in API version 48.0 and later. | |
enableNetworksEnabled | boolean | When true, allows users to enable digital experiences. Available in API version 47.0 and later. | |
enablePRMAccRelPref | boolean | When true, enables Account Relationship object and Account Relationship Data Sharing Rule setup options. Available in API version 48.0 and later. | |
enableCspContactVisibilityPref | boolean | When true, allows users to see contacts from private accounts that they have read access to, when the contact is controlled by the parent record. Available in API version 48.0 and later. | |
enableEnablePRM | boolean | When true, allows admins to enable partner users. Available in API version 48.0 and later. | |
enableExternalAccHierPref | boolean | When true, enables the External Account Hierarchy object. Available in API version 48.0 and later. | |
enableOotbProfExtUserOpsEnable | boolean | When true, allows use of standard external profiles for self-registration and user creation. Available in API version 48.0 and later. | |
enableRelaxPartnerAccountFieldPref | boolean | When true, allows editing for partner account fields on and opportunities and leads. Available in API version 48.0 and later. | |
enableCspNotesOnAccConPref | boolean | When true, allows customer users to access notes and attachments associated with accounts and contacts. Available in API version 48.0 and later. | |
enableNetPortalUserReportOpts | boolean | When true, allows external users in Experience Cloud sites, with permission, to run reports. Available in API version 48.0 and later. | |
applyLoginPageTypeToEmbeddedLogin | boolean | When true, applies the Experience Cloud site login page type (default, Login Discovery, Experience Builder, or Visualforce) to all Embedded Login implementations. When false, applies the username and password login page type to all Embedded Login implementations. For orgs created before the Salesforce Summer '20 release, the default setting is false. For new orgs, the default setting is true. Available in API version 49.0 and later. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
id | string | id is the unique identifier of the connected app. | |
attributes | object | A custom attribute of the connected app. Represents the field names that make up a custom attribute when using SAML with a ConnectedApp. Tailor these values to a specific service provider. | |
formula | string | The value of the attribute. | |
key | string | The attribute's identifier. | |
description | string | An optional description for your app. | |
mobileStartUrl | string | Users are directed to this URL after they've authenticated when the app is accessed from a mobile device. If you don't give a URL, the user is sent to the app's default start page after authentication completes. If the connected app that you're creating is a canvas app, then you can leave this field blank. The Canvas App URL field contains the URL that gets called for the connected app. | |
permissionSetName | string | Specifies the permissions required to perform different functions with the connected app. | |
plugin | string | The name of a custom Apex class that extends Auth.ConnectedAppPlugin to customize the behavior of the app. | |
samlConfig | object | Specifies how an app uses single sign-on. | |
samlNameIdFormat | string | Indicates the format the service provider (SP) requires for the user's single sign-on identifier. | |
samlSubjectType | string | The single sign-on identifier for the user. | |
acsUrl | string | The assertion consumer service URL from the service provider. | |
encryptionCertificate | string | The name of the certificate to use for encrypting SAML assertions to the service provider. This certificate is saved in the organization's Certificate and Key Management list. | |
encryptionType | string | When Salesforce is the identity provider, the SAML configuration can specify the encryption method used for encrypting SAML assertions to the service provider. The service provider detects the encryption method in the SAML assertion for decryption. | |
issuer | string | A URI that sends the SAML response. A service provider can use this URI to determine which identity provider sent the response. | |
samlIdpSLOBinding | string | The SAML HTTP binding type from the service provider used for single logout. | |
samlSigningAlgoType | string | Indicates the signing algorithm applied to SAML requests and responses when Salesforce is the identity provider. | |
samlSloUrl | string | The SAML single-logout endpoint of the connected app service provider (SP). This endpoint is where SAML LogoutRequests and LogoutResponses are sent when users log out of Salesforce. The SP provides this endpoint. | |
samlSubjectCustomAttr | string | If the samlSubjectType is CustomAttr, include that custom value here; otherwise, leave empty. | |
certificate | string | The PEM-encoded certificate string, if the app uses a certificate. | |
entityUrl | string | The entity ID from your service provider. | |
startUrl | string | If the app isn't accessed from a mobile device, users are directed to this URL after they've authenticated. | |
canvasConfig | object | The configuration options of the connected app if it's exposed as a canvas app. | |
lifecycleClass | string | The name of the Canvas.CanvasLifecycleHandler Apex class. | |
locations | string | Indicates where the canvas app can appear to the user. | |
options | string | Indicates whether to hide the share button and header in the publisher for your canvas app, and whether the app is a canvas personal app. | |
samlInitiationMethod | string | If you're using SAML single sign-on (SSO), indicates which provider initiates the SSO flow. | |
accessMethod | string | Indicates how the canvas app initiates the OAuth authentication flow. | |
canvasUrl | string | The URL of the third-party app that's exposed as a canvas app. | |
contactPhone | string | The phone number for Salesforce to use to contact you. | |
iconUrl | string | Reserved for future use. | |
infoUrl | string | An optional URL for a web page with more information about your app. | |
ipRanges | list<object> | Specifies the ranges of IP addresses that can access the app without requiring the user to authenticate with the connected app. | |
description | string | Use this field to identify the purpose of the range, such as which part of a network corresponds to this range. | |
startAddress | string | The first address in the IP range, inclusive. | |
endAddress | string | The last address in the IP range, inclusive. | |
pluginExecutionUser | string | Specifies the user to run the plugin as. | |
sessionPolicy | object | Specifies the configuration options for a connected app's session policies. Use these policies to define how long a user's session can last before reauthenticating, to block user access to the connected app, or to require multi-factor authentication (MFA) to access the app. | |
policyAction | string | If the High Assurance session security level is applied to the connected app, specify associated high assurance action. | |
sessionLevel | string | Applies the High Assurance session security level to the connected app. This session level requires users to verify their identity with multi-factor authentication when they log in to the connected app. | |
sessionTimeout | number | The length of time the connected app's session lasts. | |
contactEmail | string | Required. The email address Salesforce uses for contacting you or your support team. | |
oauthConfig | object | Represents the field names that configure how your connected app communicates with Salesforce. | |
isPkceRequired | boolean | Determines whether the Proof Key for Code Exchange (PKCE) extension is required for variations of the OAuth 2.0 authorization code flow configured for the connected app, including the web server flow and Authorization Code and Credentials Flow. For public client apps that can't keep the consumer secret confidential, such as mobile apps, the PKCE extension helps ensure that the client that initiates an authorization flow is the same client that completes it. For this reason, we always recommend implementing PKCE for public clients. We also strongly recommend that you implement PKCE for private clients. If set to true, the PKCE extension is required and any authorization code flow variations that don't implement it fail. If set to false, you can still implement PKCE but it isn't required. The default value is false. This field is available in API version 59.0 and later. | |
singleLogoutUrl | string | The single logout endpoint. This URL is the endpoint where Salesforce sends a logout request when users log out of Salesforce. | |
callbackUrl | string | The endpoint that Salesforce calls back to your connected app during OAuth; it's the OAuth redirect_uri. | |
isClientCredentialEnabled | boolean | If set to true, the connected app can use the OAuth 2.0 client credentials flow. To use the client credentials flow, you must also specify a user for oauthClientCredentialUser. If set to false (default), the connected app can't use the client credentials flow. | |
scopes | list<object> | A list of scopes associated with the connected app. The scopes refer to permissions given by the user running the connected app. | |
scope | string | The name of the scope. | |
consumerSecret | string | A value that is combined with the consumerKey and used by the consumer for identification to Salesforce. | |
isCodeCredentialPostOnly | boolean | For the Authorization Code and Credentials Flow, determines whether the user's credentials must be sent in the body of the initial HTTPS POST request to the Salesforce authorization endpoint. Requiring the credentials in the POST body instead of in the header improves security. If set to true, the user's credentials must be included in the POST body. The default value is false. | |
isNamedUserJwtEnabled | boolean | If set to true, the connected app is enabled to issue JSON Web Token (JWT)-based access tokens. For installed apps, JWT-based access tokens must also be enabled in your connected app policies. This field is generally available in API version 59.0 and later. | |
isConsumerSecretOptional | boolean | If set to false (default setting), the connected app's client secret is required in exchange for an access token in the OAuth 2.0 web server flow. | |
isSecretRequiredForRefreshToken | boolean | If set to true (default), the app's client secret is required in the authorization request of a refresh token and hybrid refresh token flow. If set to false and an app sends the client secret in the authorization request, Salesforce still validates it. | |
certificate | string | The PEM-encoded certificate string, if the app uses a certificate. | |
consumerKey | string | A value used by the consumer for identification to Salesforce. | |
idTokenConfig | object | Specifies the ID token configuration for the connected app OAuth settings. | |
idTokenValidity | number | The length of time that the ID token is valid for after it's issued. The value can be from 1 to 720 minutes. The default is 2 minutes. | |
idTokenAudience | string | The audiences that this ID token is intended for. | |
idTokenIncludeAttributes | boolean | Indicates whether attributes are included in the ID token. | |
idTokenIncludeCustomPerms | boolean | Indicates whether custom permissions are included in the ID token. | |
idTokenIncludeStandardClaims | boolean | Indicates whether standard claims about the authentication event are included in the ID token. | |
isAdminApproved | boolean | If set to false (default setting), anyone in the org can authorize the app. Users must approve the app the first time they access it. If set to true, only users with the appropriate profile or permission set can access the app. These users don't have to approve the app before they can access it. | |
isCodeCredentialEnabled | boolean | Determines whether the app can use the Authorization Code and Credentials Flow to provide identity services to headless, off-platform apps. The Authorization Code and Credentials Flow is the foundation of headless login, headless registration, headless passwordless login, and headless guest identity. If set to true, the connected app can use the Authorization Code and Credentials Flow and all associated Headless Identity features. The default value is false. This field is available in API version 57.0 and later | |
isIntrospectAllTokens | boolean | If set to true, authorizes the connected app to introspect all access and refresh tokens within the entire org. If set to false (default), the connected app can introspect its own tokens. | |
assetTokenConfig | object | Specifies an OAuth asset token configuration for the connected app OAuth settings. | |
assetAudiences | string | The audience claim associated with the asset token payload. This claim identifies who the JWT is intended for. | |
assetIncludeAttributes | boolean | If set to true (default setting), custom attributes associated with the connected app are included in the asset token payload. If set to false, these attributes aren't included. | |
assetIncludeCustomPerms | boolean | If set to true (default setting), custom permissions associated with the connected app are included in the asset token payload. If set to false, these permissions aren't included. | |
assetSigningCertId | string | The ID of the JWT certificate's signing secret. | |
assetValidityPeriod | number | The asset token's validity period. The validity must be the expiration time of the assertion within 3 minutes, expressed as the epoch number. | |
label | string | Required. The name of the app. | |
logoUrl | string | An optional logo for the app. The logo appears with the app's entry in the list of apps and on the consent page the user sees when authenticating. The URL must use HTTPS, and the logo can't be larger than 125 pixels high or 200 pixels wide. The default logo is a cloud. | |
oauthPolicy | object | Specifies Oauth access policies associated with your connected app. | |
ipRelaxation | string | Specifies whether a user's access to the connected app is restricted by IP ranges. | |
refreshTokenPolicy | string | Specifies how long a refresh token is valid for. | |
singleLogoutUri | string | If single logout is enabled, specify the single logout URL. | |
profileName | string | Specifies the profile (base-level user permissions) required to perform different functions with the connected app. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
appID | string | The unique identifier of Connected Application | |
riskLevel | string | The risk level associated with the Connected Application. | |
permissions | list<string> | The permissions associated with the Connected Application. | |
connectedAppName | string | Name of the Connected Application. | |
riskScore | number | The risk score associated with the Connected Application. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableAdminApprovedAppsOnly | boolean | If false (default), any connected app can call the Salesforce API. If true, only apps that have been approved or installed by the admin can call the Salesforce API. To access this field, you must contact Salesforce Customer Support to enable API Access Control. | |
enableAdminApprovedAppsOnlyForExternalUser | boolean | If false (default), authenticated customers or partners can use any unblocked connected app to access the Salesforce API. If true, authenticated customers and partners can't access the Salesforce API unless they use a connected app that is installed in the org and unblocked. Install and unblock connected apps on the Connected Apps OAuth Usage page. To access this field, you must contact Salesforce Customer Support to enable API Access Control. | |
enableSkipUserProvisioningWizardWelcomePage | boolean | If false (default), the User Provisioning Wizard Welcome page shows up when you access the wizard. To skip the welcome page in the future, you can select Do not show me this next time. If true, the Welcome page doesn't show up the next time that you access the wizard. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
CreatedById | string | User | The unique identifier (id) for the User who created the Connected Application. |
Name | string | The unique name for this object. | |
PinLength | number | For mobile apps, this field is the PIN length requirement for users of the connected app. Valid values are 4, 5, 6, 7, or 8. | |
Id | string | The unique identifier of Connected Application | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the Connected Application recently. |
CreatedDate | number | The time when the Connected Application was created | |
SystemModstamp | number | The time when the Connected Application was last modified by a user or an automated process (such as a trigger) | |
OptionsAllowAdminApprovedUsersOnly | boolean | Indicates whether access is limited to users granted approval to use the connected app by an administrator. Manage profiles for the app by editing each profile's Access list. | |
OptionsRefreshTokenValidityMetric | boolean | Specifies whether the refresh token validity is based on duration or inactivity. If true, the token validity is measured based on the last use of the token; otherwise, it is based on the token duration. | |
RefreshTokenValidityPeriod | number | The duration of an authorization token until it expires in hours, months, or days as set in the connected app management page. | |
MobileStartUrl | string | Users are directed to this URL after they've authenticated when the app is accessed from a mobile device. | |
OptionsHasSessionLevelPolicy | boolean | Specifies whether the connected app requires a High Assurance level session. | |
LastModifiedDate | number | The time when the Connected Application was last modified by a user | |
MobileSessionTimeout | string | Length of time after which the system logs out inactive mobile users | |
StartUrl | string | If the app is not accessed from a mobile device, users are directed to this URL after they've authenticated. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
canAccessMicrophone | boolean | Indicates whether this CspTrustedSite can access the user microphone (true) or not (false). The default value is false. This field takes effect only when the enablePermissionsPolicy field equals true and the grantMicrophoneAccess field equals TrustedUrls in the SecuritySettings metadata API type. | |
context | string | Declares the scope of the CSP directives for this trusted URL. All-Apply the CSP directives to all supported context types. Communities-Apply the CSP directives to Experience Builder sites only. FieldServiceMobileExtension-Apply the CSP directives to the Field Service Mobile Extensions only. LEX-Apply the CSP directives to Lightning Experience pages only. VisualForce-Apply the CSP directives to custom Visualforce pages only. | |
isActive | boolean | Indicates whether this CspTrustedSite is active (true) or not (false). The default value is true. | |
isApplicableToStyleSrc | boolean | Indicates whether Lightning components, third-party APIs, and WebSocket connections can load style sheets from this trusted URL (true) or not (false). This field has a default value of false. | |
id | string | The unique id of this trusted URL. | |
canAccessCamera | boolean | Indicates whether this CspTrustedSite can access the user camera (true) or not (false). The default value is false. This field takes effect only when the enablePermissionsPolicy field equals true and the grantCameraAccess field equals TrustedUrls in the SecuritySettings metadata API type. | |
isApplicableToMediaSrc | boolean | Indicates whether Lightning components, third-party APIs, and WebSocket connections can load audio and video from this trusted URL (true) or not (false). This field has a default value of false. | |
description | string | The description of this trusted URL. | |
endpointUrl | string | The URL for this CspTrustedSite. This field must include a domain name and can include a port. | |
isApplicableToConnectSrc | boolean | Indicates whether Lightning components, third-party APIs, and WebSocket connections can load URLs using script interfaces from this trusted URL (true) or not (false). This field has a default value of false. | |
isApplicableToFontSrc | boolean | Indicates whether Lightning components, third-party APIs, and WebSocket connections can load fonts from this trusted URL (true) or not (false). This field has a default value of false. | |
isApplicableToFrameSrc | boolean | Indicates whether Lightning components, third-party APIs, and WebSocket connections can load resources contained in iframe elements from this trusted URL (true) or not (false). This field has a default value of false. | |
isApplicableToImgSrc | boolean | Indicates whether Lightning components, third-party APIs, and WebSocket connections can load images from this trusted URL (true) or not (false). This field has a default value of false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
label | string | Required. The delegated group's non-API name. | |
roles | list<string> | The roles and subordinates for which delegated administrators of the group can create and edit users. | |
loginAccess | boolean | Required. Allows users in this group to log in as users in the role hierarchy that they administer (true) or not (false). Depending on your organization settings, individual users must grant login access to allow their administrators to log in as them. | |
permissionSets | list<string> | The permission sets assignable to users in specified roles and all subordinate roles by delegated administrators. | |
profiles | list<string> | The profiles assignable to users by delegated administrators. | |
id | string | Unique identifier for the DelegateGroup | |
fullName | string | Name of the DelegateGroup | |
customObjects | list<string> | The custom objects associated with the group. Delegated administrators can customize nearly every aspect of each of those custom objects, including creating a custom tab. However, they cannot create or modify relationships on the objects or set organization-wide sharing defaults. Delegated administrators must have access to custom objects to access the merge fields on those objects from formulas. | |
groups | list<string> | The groups with users assigned by delegated administrators. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
CreatedDate | number | The time when the DelegateGroupMember was created. | |
UserOrGroupId | string | User | The reference indicating the user id of the delegated administrator for the delegate group currently. Group is reserved for future development by Salesforce. |
Id | string | The unique identifier of DelegateGroupMember. | |
DelegateGroupId | string | DelegateGroup | The id of the associated delegate group. |
SystemModstamp | number | The time when the DelegateGroupMember was last modified by a user or an automated process (such as a trigger). | |
CreatedById | string | User | The unique identifier (id) for the User who assigned the user to DelegateGroup. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableEmailSpfCompliance | boolean | Indicates whether outgoing emails comply with Sender Policy Framework (SPF) email authentication (true) or not (false). This field has a default value of true. | |
enableComplianceBcc | boolean | Indicates whether a copy of each outbound email message is sent to an email address you specify (true) or not (false). This field has a default value of false. | |
enableHtmlEmail | boolean | Indicates whether users receive Email-To-Case emails in HTML format (true) or receive a text version instead (false). This field has a default value of false. When this field is set to true, users receive a warning message about potential malicious HTML before they view incoming HTML email content. | |
enableRestrictTlsToDomains | boolean | Indicates whether the selected Transport Layer Security (TLS) setting applies only to specific domains (true) or applies to all domains (false). This field has a default value of false. | |
enableEmailSenderIdCompliance | boolean | Indicates whether outgoing emails comply with Sender ID email protocols (true) or not (false). This field has a default value of false. To enable this preference, enableEmailSpfCompliance must be set to true. | |
enableEmailToSalesforce | boolean | Indicates whether Email to Salesforce is enabled (true) or disabled (false). This field has a default value of false. | |
enableEmailWorkflowApproval | boolean | Indicates whether users can respond to email approval requests directly from their email (true) or not (false). This field has a default value of false. | |
enableEnhancedEmailEnabled | boolean | Indicates whether Enhanced Email is enabled (true) or not (false). Default value is true. | |
enableResendBouncedEmails | boolean | Indicates whether the system forwards a copy of each bounced email message to the sender (true) or only displays the bounce alert (false). This field has a default value of false. To enable this preference, enableHandleBouncedEmails must be set to true. | |
enableSendViaExchangePref | boolean | Indicates whether users can use Office 365 to send emails (true) or not (false). Default value is false. | |
enableEmailConsentManagement | boolean | Indicates whether Enforce Email Privacy Settings is enabled (true) or not (false). When enabled, Salesforce respects each recipient's email privacy preferences. Default value is false. | |
enableHandleBouncedEmails | boolean | Indicates whether emails sent from Salesforce to an invalid email address bounce back to Salesforce (true) or not (false) . This field has a default value of true. With bounce handling enabled, reps know which lead, contact, or person account has a bad email address, and they know which specific email wasn't delivered. | |
enableInternationalEmailAddresses | boolean | Indicates whether non-Latin-based characters are allowed in email addresses (true) or not (false) when sending emails to and from Salesforce. This field has a default value of true in orgs created in Summer '20 or later. In orgs created in Spring '20 or earlier, the default value is false. Available in API version 49.0 and later. | |
enableSendViaGmailPref | boolean | Indicates whether users can use Gmail to send emails (true) or not (false). Default value is false. | |
enableUseOrgFootersForExtTrans | boolean | Indicates whether emails sent through external email services (such as Gmail or Office 365) include the Salesforce footer (true) or not (false). This field has a default value of false. | |
sendMassEmailNotification | boolean | Indicates whether users receive an auto-generated status email from Salesforce for each mass email they send (true) or not (false). This field has a default value of true. | |
enableListEmailLogActivities | boolean | Indicates whether Salesforce logs sent list emails as activities (true) or not (false). Default value is true. | |
sendTextOnlySystemEmails | boolean | Indicates whether all system emails are sent via text only (true) or allow other formats (false). This field has a default value of false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Host | string | Indicates the host name or IP address of your company's SMTP server | |
IsRequireAuth | boolean | Indicates whether (true) or not (false) authentication is required. When setting this field to true, the TlsSetting must be set to RequiredVerify. | |
TlsSetting | string | Specifies whether Salesforce uses TLS for SMTP sessions. Possible values include: Off, Preferred, Required, PreferredVerify, RequiredVerify. | |
Username | string | Specifies the username for relay host STMP authentication. When IsRequireAuth is set to true, this field is required. | |
AuthType | string | Specifies which SASL mechanism Salesforce uses for SMTP authentication. This field is available when Enable SMTP Auth is selected. Possible values include: PLAIN, LOGIN. | |
Port | string | Indicates the port number of your company's SMTP server. Possible values include: 25, 587, 10025, 11025. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
canOptOutOfDerivationWithBYOK | boolean | Indicates that users can opt out of key derivation processes on a key-by-key basis when they upload key material (true) or can't (false). The default value is false. | |
enableCacheOnlyKeys | boolean | Indicates whether the Cache-Only Key Service is available (true) or not (false). The default value is false. If set to true, users can configure a cache-only key callout connection and apply key material stored outside of Salesforce to data on demand. | |
enableReplayDetection | boolean | Indicates whether cache-only key callouts are protected from replay attacks by a nonce (true) or not (false). Requires enableCacheOnlyKeys='true' before setting enableReplayDetection to true. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableLoginForensics | boolean | Enables (true) or disables (false) the Login Forensics feature. Login Forensics helps you track and audit your org's user login activity. Default value is false. Available in API versions 47.0-49.0. | |
enableStreamingApi | boolean | Enables (true) or disables (false) Streaming API in the org. Default value is true. | |
enableDeleteMonitoringData | boolean | Allows (true) or disallows (false) users to delete event log files and LoginEvent data. Users require the Delete Event Monitoring Records user permission, which is available when this setting is enabled. Default value is false. | |
enableTransactionSecurityPolicies | boolean | Enables (true) or disables (false) the ability to create and use transaction security policies in the Salesforce UI. Default value is false. | |
enableDynamicStreamingChannel | boolean | Enables (true) or disables (false) the dynamic creation of a streaming channel when you subscribe to generic streaming. Default value is false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
dispositions | object | Represents the metadata used to manage file type behavior. | |
behavior | string | File download behavior | |
filetype | string | The file type that this disposition applies to | |
securityRiskFiletype | boolean | Indicates file types that cannot have behavior set to EXECUTE, due to security risks. | |
noHtmlUploadAsAttachment | boolean | Indicates whether to allow HTML uploads as attachments or document records. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
DeveloperName | string | The name of the object in the API. This name is unique by group type and corresponds to Group Name in the user interface. | |
LastModifiedDate | number | The time when the Group was last modified by a user | |
DoesSendEmailToMembers | string | Indicates whether the email is sent (true) or not sent (false) to the group members. The email is sent to queue members as well. | |
Id | string | The unique identifier of Group. | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the Group. |
OwnerId | string | ID of the user who owns the group. | |
Type | string | Required. Type of the group. One of the following values: ["AllCustomerPortal", "ChannelProgramGroup", "CollaborationGroup", "Manager", "ManagerAndSubordinatesInternal", "Organization","Participant","PRMOrganization","Queue","Regular","Role","RoleAndSubordinates","RoleAndSubordinatesInternal","Territory","TerritoryAndSubordinates"] | |
DoesIncludeBosses | string | Indicates whether the managers have access (true) or do not have access (false) to records shared with members of the group. | |
boolean | Email address for a group of type Case. Applies only for a case queue. | ||
RelatedId | string | Represents the ID of the associated groups. For groups of type "Role" the ID of the associated UserRole. The RelatedId field is polymorphic. | |
CreatedById | string | User | The unique identifier (id) for the User who created the Group. |
CreatedDate | number | The time when the Group was created. | |
Name | string | Required. Name of the group. Corresponds to Label on the user interface. | |
SystemModstamp | number | The time when the Group was last modified by a user or an automated process (such as a trigger). |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
UserOrGroupId | string | User Group | ID of the User or Group that is a direct member of the group. |
SystemModstamp | number | The time when the GroupMember was created. | |
MemberType | string | Custom field added by SPM product to identify Type of member. | |
Id | string | The unique identifier of GroupMember. | |
GroupId | string | Group | ID of the Group. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableAuraCDNPref | boolean | Indicates whether Lightning Experience and other apps use a content delivery network (CDN) to serve the static content for Lightning Component framework. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableS1EncryptedStoragePref2 | boolean | Indicates whether the Salesforce mobile web uses secure and persistent browser caching to improve performance (true) or not (false). |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
canOnlyLoginWithMyDomainUrl | boolean | If true, users must use the org's My Domain login URL to log in. If false (default), users can also log in using the org's instance Salesforce URL, https://InstanceName.salesforce.com, and through the login URL https://login.salesforce.com. | |
doesApiLoginRequireOrgDomain | boolean | If true, users must use the org's My Domain login URL to access the Salesforce API. If false (default), users can also access the Salesforce API using the generic Salesforce page, https://InstanceName.salesforce.com and through the login URL https://login.salesforce.com. | |
enableNativeBrowserForAuthOnAndroid | boolean | If true, use the native browser for authentication of Android mobile apps. Default is false. | |
enableNativeBrowserForAuthOnIos | boolean | If true, use the native browser for authentication of iOS mobile apps. Default is false. | |
useStabilizedMyDomainHostnames | boolean | Indicates whether the instance name is hidden in My Domain URLs for Visualforce, Experience Builder, Site.com Studio, and content files (true) or not (false). This field has a default value of true. For example, MyDomainName--PackageName.na44.visual.force.com becomes MyDomainName--PackageName.visualforce.com when this field is set to true. | |
useStabilizedSandboxMyDomainHostnames | boolean | This field corresponds to the Stabilize the Hostname for My Domain URLs in Sandboxes release update, which was enforced in Summer '20. When true, the instance name is hidden in My Domain URLs for sandboxes orgs. For example, MyDomainName--test.cs5.my.salesforce.com became MyDomainName--test.my.salesforce.com. As of API version 49.0, this field's value is always true, regardless of the value that you set. Changing its value has no effect on Salesforce, even if it reads false. This change applies retroactively back to API version 47.0, when this field was first introduced. Previously, in API version 47.0 to 49.0, this field indicated whether the instance name was hidden in My Domain URLs for sandboxes orgs (true) or not (false), and the field's default value was false. Now, in all API versions, this field's value is always true, even if it reads false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
CreatedDate | number | The time when the OauthToken was created | |
AccessToken | string | The refresh token for authorization. | |
AppName | string | The label for the connected app that's associated with this OAuth token. | |
Id | string | Reserved for future use. Currently, the value is always null. | |
RequestToken | string | The authorization code that was used to request the corresponding AccessToken. With this authorization code, you can revoke the corresponding AccessToken by passing the DeleteToken. | |
UseCount | number | How often the token has been used. | |
AppMenuItemId | string | The unique ID for the App Picker menu item that's associated with this OAuth token. | |
LastUsedDate | number | The most recent date when the OAuth token was used. | |
UserId | string | User | The owner of the token. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
CreatedDate | number | The time when the ObjectPermission was created for Parent PermissionSet. | |
Id | string | The unique identifier of ObjectPermission. | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the ObjectPermission associated with PermissionSet. |
ParentId | string | PermissionSet | The Id of this object's parent PermissionSet. |
PermissionsCreate | boolean | If true, users assigned to the parent PermissionSet can create records for this object. Requires PermissionsRead for the same object to be true. | |
PermissionsDelete | boolean | If true, users assigned to the parent PermissionSet can delete records for this object. Requires PermissionsRead and PermissionsEdit for the same object to be true. | |
PermissionsViewAllRecords | boolean | If true, users assigned to the parent PermissionSet can view all records for this object, regardless of sharing settings. Requires PermissionsRead for the same object to be true. | |
CreatedById | string | User | The unique identifier (id) for the User who created the ObjectPermission. |
PermissionsModifyAllRecords | boolean | If true, users assigned to the parent PermissionSet can edit all records for this object, regardless of sharing settings. Requires PermissionsRead, PermissionsDelete, PermissionsEdit, and PermissionsViewAllRecords for the same object to be true. | |
SobjectType | string | The object's API name. | |
SystemModstamp | number | The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger). | |
LastModifiedDate | number | The time when the User was last modified by a user | |
PermissionsEdit | boolean | If true, users assigned to the parent PermissionSet can edit records for this object. Requires PermissionsRead for the same object to be true. | |
PermissionsRead | boolean | If true, users assigned to the parent PermissionSet can view records for this object. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
expiration | string | The length of time until a user password expires and must be changed. Valid values are Never, ThirtyDays, SixtyDays, NinetyDays, SixMonths, OneYear | |
historyRestriction | number | The number of previous passwords saved for users so that they must always reset a new, unique password. Valid values are 0 through 24 passwords remembered. The maximum value of 24 applies to API version 31.0 and later. In earlier versions, the maximum value is 16. | |
lockoutInterval | string | The duration of the login lockout. Valid values are FifteenMinutes (this value is the default value), ThirtyMinutes, SixtyMinutes, Forever (must be reset by admin) | |
maxLoginAttempts | string | The number of login failures allowed for a user before the user is locked out. Valid values are NoLimit, ThreeAttempts, FiveAttempts, TenAttempts. This value is the default value. | |
minimumPasswordLifetime | boolean | If enabled (true), passwords can't be changed more than one time during a 24-hour period. | |
questionRestriction | string | The restriction on whether the answer to the password hint question can contain the password itself. Valid values are None, DoesNotContainPassword | |
complexity | string | The types of characters that must be used in a user's password. Valid values are NoRestriction, AlphaNumeric, SpecialCharacters, UpperLowerCaseNumeric, UpperLowerCaseNumericSpecialCharacters, Any3UpperLowerCaseNumericSpecialCharacters | |
minimumPasswordLength | number | The minimum number of characters required for a password. The number can contain from 5 to 50 characters (default is 8). Available in API version 35.0 and later. Before API version 35.0, specify minimum password length with the enumeration minPasswordLength, with valid values FiveCharacters, EightCharacters (default), TenCharacters, TwelveCharacters (API version 31.0 and later), and FifteenCharacters (API version 34.0 and later). | |
obscureSecretAnswer | boolean | If enabled (true), hide answers to security questions as the user types. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
IsOwnedByProfile | boolean | If true, the permission set is owned by a profile. Available in API version 25.0 and later. | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the PermissionSet. |
Name | string | The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Corresponds to API Name in the user interface. Limit: 80 characters. | |
Permissions | list<object> | One field for each permission. The number of fields varies depending on the permissions for the organization and license type. | |
PermissionName | string | The name of the Permission. | |
isEnabled | boolean | If true, users assigned to this permission set have the named permission. | |
Type | string | Permission Set Type. | |
Id | string | The unique identifier of PermissionSet. | |
Label | string | The permission set label, which corresponds to Label in the user interface. Limit: 80 characters. | |
LastModifiedDate | number | The time when the User was last modified by a user | |
LicenseId | string | The ID of either the related PermissionSetLicense or UserLicense associated with this permission set. | |
ProfileId | string | Profile | If the permission set is owned by a profile, this field returns the ID of the Profile. If the permission set isn't owned by a profile, this field returns a null value. |
Description | string | A description of the permission set. Limit: 255 characters. | |
SystemModstamp | number | The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger). | |
HasActivationRequired | boolean | Indicates whether the permission set requires an associated active session (true) or not (false). | |
CreatedDate | number | The time when the PermissionSet. | |
IsCustom | boolean | If true, the permission set is custom (created by an admin); if false, the permission set is standard and related to a specific permission set license. | |
NamespacePrefix | string | The namespace prefix for a permission set that's been installed as part of a managed package. If the permission set isn't packaged or is part of an unmanaged package, this value is empty. | |
PermissionSetGroupId | string | If the permission set is owned by a permission set group, this field returns the ID of the permission set group. If the permission set isn't owned by a permission set group, this field returns a null value. | |
CreatedById | string | User | The unique identifier (id) for the User who created the PermissionSet. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
PermissionSetGroupId | string | If the permission set is owned by a permission set group, this field returns the ID of the permission set group. If the permission set isn't owned by a permission set group, this field returns a null value. | |
PermissionSetId | string | PermissionSet | Unique Identifier of PermissionSet |
SystemModstamp | number | The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger). | |
AssigneeId | string | User | ID of the User to assign the permission set specified in PermissionSetId. |
ExpirationDate | number | The date that the assignment of the permission set expires for the specified user. | |
Id | string | The unique identifier of PermissionSetAssignment. | |
IsActive | boolean | Indicates whether the permission set assignment is active (true) or not (false). Defaults to false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
canEncryptManagedPackageFields | boolean | Indicates whether users can enable encryption on custom fields in installed managed packages (true) or not (false). | |
enableDeterministEncryption | boolean | Indicates whether customers apply the deterministic encryption scheme to supported fields (true) or not (false). The deterministic encryption scheme lets customers filter on encrypted data. | |
enableEventBusEncryption | boolean | Indicates whether events are encrypted at rest in the event bus (true) or not (false). The events include change data capture events and platform events. The default value is false. If false, events aren't encrypted and are stored in clear text in the event bus. | |
enableEncryptFieldHistory | boolean | Indicates whether the background encryption process applies the customer's active key material to field history and feed tracking values (true) or not (false). The default value is false. If false, background encryption processes apply active key material to all encrypted data except duplicates of that data stored in field history or feed tracking. | |
isMEKForEncryptionRequired | boolean | Indicates whether encryption policy tasks, such as enabling encryption on fields, also require the Manage Encryption Keys permission (true) or not (false), in addition to those tasks' baseline permissions. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
UserLicenseId | string | ID of the UserLicense associated with this profile.. | |
CreatedDate | number | The time when the Profile was created. | |
Id | string | The unique identifier of Profile. | |
LastReferencedDate | number | The timestamp for when the current user last viewed a record related to this profile. | |
SystemModstamp | number | The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger). | |
UserType | string | The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles. | |
CreatedById | string | User | The unique identifier (id) for the User who created the Profile. |
Description | string | A description of the Profile. | |
LastModifiedDate | number | The time when the Profile was last modified by a user | |
Name | string | The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Corresponds to API Name in the user interface. Limit: 80 characters. | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the Profile. |
LastViewedDate | number | The timestamp for when the current user last viewed this profile. | |
Permissions | list<object> | One field for each permission. The number of fields varies depending on the permissions for the organization and license type. | |
isEnabled | boolean | If true, users assigned to this permission set have the named permission. | |
PermissionName | string | The name of the Permission. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
RealTimeEvents | list<object> | A list of Real-Time Event entities | |
entityName | string | The name of the storage or streaming entity to be modified. For example, ApiEvent or ApiEventStream. | |
isEnabled | boolean | Indicates whether to enable storage or streaming capability. | |
StreamingApiConcurrentClients | object | The number of Concurrent CometD clients (subscribers) across all channels and for all event types | |
Max | number | The maximum number of Concurrent CometD clients (subscribers) across all channels and for all event types | |
Remaining | number | The remaining number of Concurrent CometD clients (subscribers) across all channels and for all event types that can subscribe |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
fullName | string | The name can only contain characters, letters, and the underscore (_) character, must start with a letter, and cannot end with an underscore or contain two consecutive underscore characters. | |
isActive | boolean | Indicates if the remote site setting is active (true) or not (false). | |
url | string | The URL for the remote site. | |
description | string | The description explaining what this remote site setting is used for. | |
disableProtocolSecurity | boolean | Indicates whether code within Salesforce can access the remote site regardless of whether the user's connection is over HTTP or HTTPS (true) or not (false). When true, code within Salesforce can pass data from an HTTPS session to an HTTP session, and vice versa. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableAdvancedCMTSecurity | boolean | Indicates whether custom metadata type values are available only to Apex, flow, and formula operations (true) or exposed in other contexts such as through the Enterprise WSDL or SOAP API (false). This field has a default value of false. | |
enableAdvancedCSSecurity | boolean | Indicates whether custom settings type values are available only to Apex, flow, and formula operations (true) or exposed in other contexts such as through the Enterprise WSDL or SOAP API (false). This field has a default value of false. | |
enableListCustomSettingCreation | boolean | Indicates whether you can create custom settings when using application-level data definitions (true) or not (false). This field has a default value of false. | |
enableSOSLOnCustomSettings | boolean | Indicates whether custom settings values are returned in Salesforce Object Search language (SOSL) queries (true) or not (false). This field has a default value of false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableCrossOrgRedirects | boolean | Indicates whether redirections to other Salesforce orgs are allowed (true) or blocked (false). In orgs that got Winter '24 before October 2023, the default value is false. In all other orgs, the default value is true. This setting applies to user redirections via a direct link, a post-action URL, or a post-login URL in Salesforce. An example of a direct link is <a href='https://www.example.com'>example.com</a>. Post-action URLs and post-login URLs use a protected URL redirect parameter, such as retURL, startURL, saveURL, cancelURL, and targetURL. Subsequent redirections can't be verified because they occur outside Salesforce. When this field is set to true, no warning is displayed to the user upon redirection to another Salesforce org. For better security, add the URLs for the Salesforce orgs that you own to RedirectWhitelistUrl and set this field to true. | |
enableAdminLoginAsAnyUser | boolean | If true, the "Administrator Can Log in as Any User" field is enabled | |
enableCoopHeader | boolean | Indicates whether the Cross-Origin Opener Policy (COOP) response header is applied to this org's custom Visualforce pages (true) or not (false). If true, each custom Visualforce page opens in a new browsing context group. The default value is false. | |
enforceUserDeviceRevoked | boolean | If enabled, and a UserDevice's status is set to revoked, that device can't log in from a Salesforce app. Logins from browsers aren't affected. This field is available in API version 50.0 and later. | |
enableAuraSecureEvalPref | boolean | If true, this setting prevents the creation of function expressions in dynamically created Aura components. The default is false. This field is available in API version 47.0 and later. | |
enableCoepHeader | boolean | Indicates whether the Cross-Origin Embedder Policy (COEP) response header is applied to this org's custom Visualforce pages (true) or not (false). If true, externally sourced embedded content loads only when the external origin allows it via CORS or CORP. The default value is false. | |
enablePermissionsPolicy | boolean | Indicates whether the pages that Salesforce serves for this org include the Permissions-Policy HTTP header. This HTTP header controls access to browser features such as cameras and microphones. When this field is false, access to the browser features is always permitted. The default value is false | |
sendCspForUncommonClients | boolean | In rare cases, Salesforce can't identify whether the requesting app or specialized browser supports the Content-Security-Policy: frame-ancestors HTTP header directive. In those cases, this field indicates whether that directive is included in (true) or omitted from (false) the HTTP response header for pages that Salesforce serves for this org. The default value is false. When sendCspForUncommonClients is true, users who access Salesforce via an app or browser that doesn't support the Content-Security-Policy: frame-ancestors HTTP header directive can experience errors if that lack of support is unclear. | |
canUsersGrantLoginAccess | boolean | If true, users can grant login access to Support. If false, only an admin can grant login access. | |
enableAuditFieldsInactiveOwner | boolean | If true, this setting enables audit fields and updating the owner for records that are owned by inactive users. The default value is false. This field is available in API version 47.0 and later. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableCSPOnEmail | boolean | Indicates whether a content security policy is enabled for the email template. A content security policy helps prevent cross-site scripting attacks by listing allowed sources of images and other content. | |
enableCSRFOnGet | boolean | Indicates whether Cross-Site Request Forgery (CSRF) protection on GET requests on non-setup pages is enabled (true) or disabled (false). | |
enableClickjackNonsetupUser | boolean | Indicates whether clickjack protection for customer Visualforce pages with standard headers turned on is enabled (true) or disabled (false). | |
enableClickjackSetup | boolean | Indicates whether clickjack protection for setup pages is enabled (true) or disabled (false). | |
enableContentSniffingProtection | boolean | Indicates if the browser is prevented from inferring the MIME type from the document content and from executing malicious files (JavaScript, Stylesheet) as dynamic content. This field is available in API version 39.0 and later. | |
enableOauthCorsPolicy | boolean | If set to true, enables Cross-Origin Resource Sharing (CORS) for these OAuth endpoints: /services/oauth2/token /services/oauth2/revoke /services/oauth2/introspect Default setting is false. Available in API version 50.0 and later. | |
sidToken3rdPartyAuraApp | boolean | If true, a Lightning app replaces the authentication cookie with a session token when the Lightning app is in a third-party context, such as Lightning Out. Browsers are restricting the use of third-party cookies. This org setting is an alternative for the authentication cookie to requiring that users disable browser settings, such as Safari's Prevent cross-site tracking setting | |
allowUserAuthenticationByCertificate | boolean | If enabled (true), users can authenticate with a PEM-encoded X.509 digital certificate. Not enabled by default. Available in API version 47.0 and later. | |
enableCSRFOnPost | boolean | Indicates whether Cross-Site Request Forgery (CSRF) protection on POST requests on non-setup pages is enabled (true) or disabled (false). | |
lockerServiceCSP | boolean | If true, a stricter Content Security Policy is enabled to disallow the unsafe-inline source for the script-src CSP directive. Script tags can't be used to load JavaScript, and event handlers can't use inline JavaScript. Lightning Locker and Lightning Web Security depend on this setting to be enabled to protect Lightning components. | |
forceLogoutOnSessionTimeout | boolean | If enabled (true), the default, when sessions time out for inactive users, current sessions become invalid. The browser refreshes and returns to the login page. To access the organization, the user must log in again. | |
lockSessionsToDomain | boolean | Indicates whether the current UI session for a user is associated with a specific domain. This check helps prevent unauthorized use of the session ID in another domain. The value is true by default for orgs created with the Spring '15 release or later. Available in API version 33.0 and later. | |
allowUserCertBasedAuthenticationWithOcspValidation | boolean | If enabled (true), authentication certificates are validated using the Online Certificate Status Protocol (OCSP) or a Certificate Revocation List (CRL). | |
canConfirmIdentityBySmsOnly | boolean | Prevents identity verification by email for users who have registered other verification methods, such as SMS or Salesforce Authenticator. If no other verification methods are configured, users are verified by email. By default, this setting is disabled (false) for existing orgs. For new orgs, this setting is enabled (true) by default. Available in API version 48.0 and later. | |
enableClickjackNonsetupSFDC | boolean | Indicates whether clickjack protection for non-setup Salesforce pages is enabled (true) or disabled (false). | |
enableClickjackNonsetupUserHeaderless | boolean | Indicates whether clickjack protection for customer Visualforce pages with standard headers turned off is enabled (true) or disabled (false). | |
hasRetainedLoginHints | boolean | If you enable 'Remember me until logout' (true), usernames (login hints) are cached until the user logs out. If a session times out, usernames appear on the Switcher as inactive. If false (default), usernames aren't cached for SSO sessions. | |
identityConfirmationOnTwoFactorRegistrationEnabled | boolean | Indicates if users are required to confirm their identities when adding a verification method such as Salesforce Authenticator for multi-factor authentication (MFA), instead of requiring a re-login. (Multi-factor authentication was formerly called two-factor authentication.) This field is available in API version 40.0 and later. | |
referrerPolicy | boolean | Indicates whether the referer header hides sensitive information that could be present in the full URL. If true, then the referer header displays only salesforce.com. If false, then the header displays the entire URL. For a Visualforce user, if referrerPolicy is set to true, then the referer header displays only force.com. If false, then the header displays the entire URL. Available in API version 42.0 and later. | |
requireHttpOnly | boolean | Sets the HttpOnly attribute on session cookies, making them inaccessible via JavaScript. If true, session ID cookie access is restricted. | |
enableBuiltInAuthenticator | boolean | Indicates whether users can verify their identity with a built-in authenticator that's already on their device (true), such as Touch ID or Windows Hello, or not (false). The default value is false | |
enableCacheAndAutocomplete | boolean | Indicates whether the user's browser is allowed to store usernames and auto-fill the User Name field on the login page (true) or not (false). | |
hasUserSwitching | boolean | If 'Enable user switching' is true (default), users can log in to other orgs by selecting their profile picture and using the Switcher. You must also enable the 'Enable caching and autocomplete on login page' setting. If false, the Switcher isn't enabled and your org doesn't appear in Switchers on other orgs. | |
forceRelogin | boolean | If true, an admin who is logged in as another user must log in again to their original session, after logging out as the secondary user. If false, the admin isn't required to log in again. | |
redirectionWarning | boolean | Indicates whether users see an alert when they click a link in a web tab that redirects them outside the saleforce.com domain. Available in API version 42.0 and later. | |
enableMFADirectUILoginOptIn | boolean | Requires all users in your Salesforce org to provide an additional verification method when logging in directly to the UI with their username and password. Users who are already enabled via the Multi-Factor Authentication for User Interface Logins user permission experience no change. The Waive Multi-Factor Authentication for Exempt Users user permission overrides this setting. | |
enforceIpRangesEveryRequest | boolean | If true, the IP addresses in Login IP Ranges are enforced when a user accesses Salesforce (on every page request), including access from a client app. If false, the IP addresses in Login IP Ranges are enforced only when a user logs in. This field affects all user profiles that have login IP restrictions. Available in API version 34.0 and later. | |
lockerServiceNextControl | boolean | Reserved for internal use | |
disableTimeoutWarning | boolean | Indicates whether the session timeout warning popup is disabled (true) or enabled (false). | |
enableSMSIdentity | boolean | If enabled (true), the default, users can receive a one-time password in a text message (SMS) to verify their identity. Users must verify their mobile phone number before they can receive SMS messages. | |
enableU2F | boolean | If enabled (true), users can use a physical U2F-compatible security key for multi-factor authentication (MFA) and identity verification. The default is false. Available in API version 47.0 and later. | |
lockerServiceNext | boolean | If true, Lightning Web Security is used instead of Lightning Locker to protect Lightning web components. Lightning Locker continues to protect Aura components. If false, Lightning Locker protects Lightning web components and Aura components. | |
useLocalStorageForLogoutUrl | boolean | Redirects all expired tabs in your browser to your custom logout URL (true). By default, this option is enabled for all new orgs and is available in API version 52.0 and later. For orgs created prior to the Summer '21 release, the default setting is false. | |
canConfirmEmailChangeInLightningCommunities | boolean | When users change their email address, they receive an email at the new address with a link. After they click the link, their new email address takes effect. | |
enablePostForSessions | boolean | Indicates whether cross-domain session information is exchanged using a POST request instead of a GET request, such as when a user is using a Visualforce page. In this context, POST requests are more secure than GET requests. Available in API version 31.0 and later. | |
identityConfirmationOnEmailChange | boolean | Indicates if a user's identity is confirmed when changing their email address, instead of requiring a re-login. This field is available in API version 42.0 and later. | |
sessionTimeout | string | The length of time after which users without activity are prompted to log out or continue working. Valid values are FifteenMinutes, ThirtyMinutes, SixtyMinutes, TwoHours, FourHours, EightHours, TwelveHours | |
enableLightningLogin | boolean | If enabled (true), users can use Lightning Login (Salesforce Authenticator) to log in instead of a password. Available in API Version 47.0 and later. | |
enableLightningLoginOnlyWithUserPerm | boolean | If enabled (true), only users with the Lightning Login User permission can log in with Salesforce Authenticator instead of a password. Available in API version 47.0 and later. | |
enforceUserDeviceRevoked | boolean | If enabled, and a UserDevice's status is set to revoked, that device can't log in from a Salesforce app. Logins from browsers aren't affected. This field is available in API version 50.0 and later. | |
FileUploadAndDownloadSecurityRules | list<object> | A list of rules representing the security settings for uploading and downloading files. | |
dispositions | string | Represents the metadata used to manage file type behavior. | |
noHtmlUploadAsAttachment | boolean | Indicates whether to allow HTML uploads as attachments or document records. | |
lockSessionsToIp | boolean | Indicates whether user sessions are locked to the IP address from which the user logged in (true) or not (false). | |
redirectBlockModeEnabled | boolean | If true, users can't access untrusted URLs outside the salesforce.com domain via links in a web tab. When a user clicks the link, a message informs the user that they can't access the page because the external site isn't trusted. The default is false. | |
referrerPolicyDirective | string | The HTTP referrer policy directive for pages served by Salesforce. The default is origin-when-cross-origin. If referrerPolicy is false, this value has no effect. Valid values are: origin-when-cross-origin, no-referrer, no-referrer-when-downgrade, origin, same-origin, strict-origin, strict-origin-when-cross-origin, and unsafe-url |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableRestrictAccessLookupRecords | boolean | Indicates whether users must have read access to a record to see the record's name in lookup and system fields (true) or not (false). This field has a default value of true in Salesforce orgs created in Spring '20 or later and a default value of false in all other orgs. This field is available in API version 48.0 and later. | |
enableSecureGuestAccess | boolean | When true, guest users have organization-wide defaults set to Private. To share records with them, guest user sharing rules must be used. | |
enableAssetSharing | boolean | Indicates whether sharing is enabled for assets (true) or asset access is determined by the parent object's sharing rules (false). This field has a default value of false. | |
enableAccountRoleOptimization | boolean | Indicates whether person roles are assigned to new site users in accounts without existing users (true) or if regular site roles are created for new users (false). This field has a default value of false. | |
enableCommunityUserVisibility | boolean | Indicates whether site users in the same site can see each other regardless of the organization-wide defaults (true) or not (false). This field has a default value of false. In orgs created in API version 47.0 and later, this setting doesn't apply to guest users. | |
enablePartnerSuperUserAccess | boolean | Indicates whether you can grant super user access to partners in sites (true) or not (false). This field has a default value of false. To use this field, you need the 'Customize Application' permission. | |
deferGroupMembership | boolean | Indicates whether group membership calculations are suspended (true) or not (false). This field has a default value of false. This field is available in API version 49.0 and later. | |
deferSharingRules | boolean | Indicates whether sharing rule calculations are suspended (true) or not (false). This field has a default value of false. This field is available in API version 49.0 and later. | |
enablePortalUserVisibility | boolean | Indicates whether portal users in the same customer or partner portal account can see each other regardless of the organization-wide defaults (true) or not (false). This field has a default value of false. To enable this field, contact Salesforce Support. | |
enableRemoveTMGroupMembership | boolean | Removes group membership info for the original territory management feature after migrating to Enterprise Territory Management when set to true. This field has a default value of false. Once this field is set to true, it can't be set to false again. | |
enableTerritoryForecastManager | boolean | Indicates whether forecast managers can act as delegated administrators for territories below them in the hierarchy (true) or not (false). This field has a default value of false. | |
enableManagerGroups | boolean | Indicates whether users can share records with their managers and manager subordinates groups (true) or not (false). This field has a default value of false. To use this field, you need the 'View and Manage Users' permission. | |
enableManualUserRecordSharing | boolean | Indicates whether users can share their own user record (true) or not (false). This field has a default value of false. | |
enableStandardReportVisibility | boolean | Indicates whether users can view reports based on standard report types that may expose data of users to whom they don't have access (true) or not (false). This field has a default value of false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableCaseInsensitiveFederationID | boolean | If you enable Make Federation ID case-insensitive (true), the Federation ID field on a user object isn't case-sensitive. If disabled (false), the Federation ID field remains case-sensitive. The default is false. | |
enableSamlLogin | boolean | If you enable 'SAML Enabled' (true), users can SSO into Salesforce from providers via SAML. The default isn't enabled (false). | |
enableMultipleSamlConfigs | boolean | If true (default), you can configure multiple SAML providers. After enabling the setting, it can't be disabled. | |
enableSamlJitProvisioning | boolean | If you enable User Provisioning Enabled (true), you can provision users through a SAML assertion (called just-in-time provisioning). Requires EnableSamlLogin to be true and enableMultipleSamlConfigs to be false. The default is enabled (false). | |
enableForceDelegatedCallout | boolean | If you enable Force Delegated Authentication Callout (true), a callout to the SSO endpoint occurs regardless of login restriction failures. If disabled (false), the default, and if a user's first login attempt fails due to login restrictions within the Salesforce org, a call isn't made to the SSO endpoint. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableTopicsInSites | boolean | Indicates whether guest and authenticated external users can view topics in Salesforce Sites and Salesforce portals (true) or not (false). The default value is false. | |
enableSitesRecordReassignOrgPref | boolean | When true, indicates when the org assigns records created by guest users of a site to a default owner in the org. When false, the guest user remains the owner of the record. The default value is false. Available in API version 48.0 and later. | |
enableProxyLoginICHeader | boolean | Indicates whether security tokens for API logins from callouts (in API version 31.0 and earlier) are required (true) or not (false). The default value is true. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
UserPreferencesHideEndUserOnboardingAssistantModal | boolean | Reserved for future use. | |
UserPreferencesShowPostalCodeToExternalUsers | boolean | Indicates the visibility of the postal or ZIP code field in the user's contact information. Postal code is visible only to internal members of the user's organization when this field is false. Postal code is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowPostalCodeToGuestUsers is true, which overrides this field's value External users are users with Community, Customer Portal, or partner portal licenses. The default value is false. | |
DefaultCurrencyIsoCode | string | The user's default currency setting for new records. For example, if a user in France sets DefaultCurrencyIsoCode to euros, then that's their default currency. Only applicable for organizations that use multiple currencies. | |
Manager | string | User lookup field used to select the user's manager. This field establishes a hierarchical relationship, preventing you from selecting a user that directly or indirectly reports to themselves. | |
NumberOfFailedLogins | number | The number of failed login attempts for the user's account. When the maximum number of failed login attempts is reached, the counter resets and the user's account is locked. If there's a successful login before the maximum number of failed login attempts is reached, the counter resets and the user's account remains unlocked. | |
UserPreferencesDisableWorkEmail | boolean | When false, the user receives emails related to WDC feedback, goals, and coaching. The user must also sign up for individual emails listed on the WDC email settings page. When true, the user doesn't receive any emails related to WDC feedback, goals, or coaching even if they're signed up for individual emails. | |
WirelessEmail | string | Wireless email address associated with this user. For use with Salesforce Wireless Edition. This field is available only if the Wireless and Email permissions are enabled for your organization. | |
Latitude | number | Used with Longitude to specify the geolocation of an address. Acceptable values are numbers between -90 and 90 up to 15 decimal places. | |
UserPermissionsJigsawProspectingUser | boolean | Indicates whether the user is allocated one Data.com user license (true) or not (false). The Data.com user license lets the user add Data.com contact and lead records to Salesforce in supported editions. Label is Data.com User. | |
UserPreferencesDisableProfilePostEmail | boolean | When false, the user automatically receives email every time someone posts to the user's profile. | |
PortalRole | string | The role of the user in the Customer Portal (either "Executive", "Manager", "User", or "PersonAcount") | |
IsPartner | boolean | Indicates whether the user is a partner who has access to the partner portal (true) or not (false). This field isn't available for release 9.0 and later. Instead, use UserType with the value Partner or Power Partner. | |
LastReferencedDate | number | The timestamp for when the current user last viewed a record related to this record. | |
OfflineTrialExpirationDate | number | The date and time when the user's Connect Offline trial expires. | |
SenderName | string | The name used as the email sender when the user sends emails. This name is the same value shown in Setup on the My Email Settings page. | |
UserPermissionsKnowledgeUser | boolean | Indicates whether the user is enabled to use Salesforce Knowledge (true) or not (false). Label is Knowledge User. | |
Alias | string | The user's alias. For example, jsmith. | |
DefaultDivision | string | This record's default division. Only applicable if divisions are enabled. | |
Extension | string | The user's phone extension number. | |
UserPermissionsSiteforcePublisherUser | boolean | Indicates whether the user is allocated one Site.com Publisher feature license (true) or not (false). Label is Site.com Publisher User. The Site.com Publisher feature license grants the user access to the Site.com application. Users with a Publisher license can build and style websites, control the layout and functionality of pages and page elements, and add and edit content. | |
UserPreferencesDisableChangeCommentEmail | boolean | When false, the user automatically receives email every time someone comments on a change the user has made, such as an update to their profile. | |
UserPreferencesDisProfPostCommentEmail | boolean | When false, the user automatically receives email every time someone comments on posts on the user's profile. | |
UserPermissionsSiteforceContributorUser | boolean | Indicates whether the user is allocated one Site.com Contributor feature license (true) or not (false). Label is Site.com Contributor User. The Site.com Contributor feature license grants the user access to the Site.com application. Users with a Contributor license can use Site.com Studio to edit site content only. | |
UserPreferencesDisableFeedbackEmail | boolean | When false, the user automatically receives emails related to WDC feedback. The user receives these emails when someone requests or offers feedback, shares feedback with the user, or reminds the user to answer a feedback request. | |
UserPreferencesShowManagerToExternalUsers | boolean | Indicates the visibility of the manager field in the user's contact information. Manager is visible only to internal members of the user's organization when this field is false. Manager is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false. | |
UserPreferencesShowFaxToGuestUsers | boolean | Indicates the visibility of the fax number field in the user's contact information. When true, the fax number field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowFaxToExternalUsers, making the user's fax number visible to guests. The default value is false. | |
UserPreferencesTaskRemindersCheckboxDefault | boolean | When true, a reminder popup is automatically set on the user's tasks. Corresponds to the By default, set reminder on Tasks to... checkbox on the Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders. | |
Address | object | Address of the user. | |
Longitude | number | Used with Latitude to specify the precise geolocation of the address. | |
Street | string | The street detail for the address. | |
Accuracy | string | Accuracy level of the geocode for the mailing address. | |
City | string | The city detail for the address. | |
CountryCode | string | The ISO country code for the address. | |
Latitude | number | Used with Longitude to specify the precise geolocation of the address. | |
Country | string | The country detail for the address. | |
PostalCode | string | The postal code for the address. | |
State | string | The state detail for the address. | |
StateCode | string | The ISO state code for the address. | |
GeocodeAccuracy | string | The level of accuracy of a location's geographical coordinates compared with its physical address. A geocoding service typically provides this value based on the address's latitude and longitude coordinates. | |
StateCode | string | The ISO state code associated with the user. | |
UserRoleId | string | ID of the user's UserRole. Label is Role ID. | |
DigestFrequency | string | The send frequency of the user's Chatter personal email digest. The valid values are: "D" (Daily), "W" (Weekly), "N" (Never). The default value is "D". | |
Street | string | The street address associated with the User. | |
UserPreferencesApexPagesDeveloperMode | boolean | When true, indicates that the user has enabled developer mode for editing Visualforce pages and controllers. | |
ForecastEnabled | boolean | Indicates whether the user is enabled as a forecast manager (true) or not (false). Forecast managers see forecast rollups from users below them in the forecast hierarchy. | |
SenderEmail | string | The email address used as the From address when the user sends emails. This address is the same value shown in Setup on the My Email Settings page. | |
UserPreferencesActivityRemindersPopup | boolean | When true, a reminder window automatically opens when an activity reminder is due. Corresponds to the Trigger alert when reminder comes due checkbox at the Reminders page in the personal settings in the user interface. | |
UserPreferencesDisableSharePostEmail | boolean | When false, the user automatically receives email every time their post is shared. | |
UserPreferencesDisCommentAfterLikeEmail | boolean | When false, the user automatically receives email every time someone comments on a post that the user liked. This field is available in API version 24.0 and later. | |
BannerPhotoUrl | string | The URL for the user's banner photo. This field is available in API version 36.0 and later. | |
string | The user's email address. | ||
FederationIdentifier | string | Indicates the value that must be listed in the Subject element of a Security Assertion Markup Language (SAML) IDP certificate to authenticate the user for a client application using single sign-on. This value must be specified if the SAML User ID Type is Assertion contains Federation ID from the User record. Otherwise, this field can't be edited. | |
UserPreferencesReceiveNotificationsAsDelegatedApprover | boolean | Controls email notifications from the approval process for delegated approvers. If true, emails are enabled. If false, emails are disabled. The default value is false. | |
UserPreferencesShowManagerToGuestUsers | boolean | Indicates the visibility of the manager field in the user's contact information. When true, the manager field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowManagerToExternalUsers, making the user's manager visible to guests. The default value is false. | |
UserPreferencesContentNoEmail | boolean | When false, a user with Salesforce CRM Content subscriptions receives email notifications if activity occurs on the subscribed content, libraries, tags, or authors. To receive real-time email alerts, set this field to false and set the UserPreferencesContentEmailAsAndWhen field to true. The default value is false. | |
UserPreferencesEventRemindersCheckboxDefault | boolean | When true, a reminder popup is automatically set on the user's events. Corresponds to the By default, set reminder on Events to... checkbox on the Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders. | |
UserPreferencesHideSfxWelcomeMat | boolean | Controls whether a user sees the Lightning Experience new user message. That message welcomes users to the new interface and provides step-by-step instructions that describe how to return to Salesforce Classic. | |
UserPreferencesDisableFileShareNotificationsForApi | boolean | When false, email notifications are sent from the person who shared the file to the users that the file is shared with. | |
UserPermissionsSFContentUser | boolean | Indicates whether the user is allocated one Salesforce CRM Content User License (true) or not (false). Label is Salesforce CRM Content User. The Salesforce CRM Content User license grants the user access to the Salesforce CRM Content application. | |
UserPreferencesHideBiggerPhotoCallout | boolean | When true, users can choose to hide the callout text below the large profile photo. | |
UserPreferencesShowTitleToGuestUsers | boolean | Indicates the visibility of the business title field in the user's contact information. When true, title is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site.When true, this field overrides the value false in UserPreferencesShowTitleToExternalUsers, making the user's title visible to external members. The default value is false. | |
UserType | string | The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles. The valid values are "Standard" (user license. This user type also includes Salesforce Platform and Salesforce Platform One user licenses. Label is Standard), "PowerPartner" (User whose access is limited because they're a partner and typically access the application through a partner portal or Experience Cloud site. Label is Partner), "CSPLitePortal" (user whose access is limited because they're an org's customer and access the application through a Customer Portal or Experience Cloud site. Label is High Volume Portal), "CustomerSuccess" (user whose access is limited because they're an org's customer and access the application through a Customer Portal. Label is Customer Portal User.), "PowerCustomerSuccess" (user whose access is limited because they're an org's customer and access the application through a Customer Portal. Label is Customer Portal Manager). Users with this license type can view and edit data they directly own or data owned by or shared with users below them in the Customer Portal role hierarchy: "CsnOnly" (user whose access to the application is limited to Chatter. This user type includes Chatter Free and Chatter moderator users. Label is Chatter Free), "Guest" (user whose access is limited because they're an unauthenticated user without login credentials. Label is Guest) | |
EmailPreferencesAutoBcc | boolean | Determines whether the user receives copies of sent emails. This option applies only if compliance BCC emails aren't enabled. | |
IsPortalSelfRegistered | boolean | Indicates whether the user is a Customer Portal user who self-registered for your organization's Customer Portal (true) or not (false). | |
Title | string | The user's business title, such as Vice President. | |
TimeZoneSidKey | string | This field is a restricted picklist field. A User time zone affects the offset used when displaying or entering times in the user interface. But the API doesn't use a User time zone when querying or setting values. Values for this field are named using region and key city, according to ISO standards. You can also manually set one User time zone in the user interface, and then use that value for creating or updating other User records via the API. | |
UserPreferencesShowStreetAddressToGuestUsers | boolean | Indicates the visibility of the street address field in the user's contact information. When true, the street address field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowStreetAddressToExternalUsers, making the user's street address visible to guests. The default value is false. | |
UserPreferencesSuppressTaskSFXReminders | boolean | When true, task reminders don't appear. Corresponds to the Show task reminders in Lightning Experience. checkbox on the Activity Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders. | |
DelegatedApproverId | string | Id of the user who is a delegated approver for this user. | |
FirstName | string | The user's first name. | |
Signature | string | The signature text added to emails. This text is the same value shown in Setup on the My Email Settings page. | |
UserPermissionsWorkDotComUserFeature | boolean | Indicates whether the WDC feature is enabled for the user (true) or not (false). | |
UserPreferencesHideS1BrowserUI | boolean | Controls the interface that the user sees when logging in to Salesforce from a supported mobile browser. If false, the user is automatically redirected to the Salesforce mobile web. If true, the user sees the full Salesforce site. The default value is false. Label is Salesforce User. | |
UserPreferencesShowCountryToExternalUsers | boolean | Indicates the visibility of the country field in the user's contact information. Country is visible only to internal members of the user's organization when this field is false. Country is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowCountryToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false. | |
CommunityNickname | string | Name used to identify this user in the Experience Cloud site. | |
LastLoginDate | number | The date and time when the user last successfully logged in. This value is updated if 60 seconds elapses since the user's last login. | |
UserPermissionsOfflineUser | boolean | Indicates whether the user is enabled to use Offline Edition (true) or not (false). Label is Offline User. | |
UserPermissionsLiveAgentUser | boolean | Indicates whether the user is enabled to use Chat (true) or not (false). Label is Live Agent User. | |
IsPrmSuperUser | boolean | Available for partner portal users only. Indicates whether the user has super user access in the partner portal (true) or not (false). | |
IsProfilePhotoActive | boolean | Indicates whether a user has a profile photo (true) or not (false). | |
Username | string | Contains the name that a user enters to log in to the API or the user interface. The value for this field must be in the form of an email address, using all lowercase characters. It must also be unique across all organizations. If you try to create or update a User with a duplicate value for this field, the operation is rejected. | |
SmallBannerPhotoUrl | string | The URL for the small user profile banner photo. | |
UserPermissionsMarketingUser | boolean | Indicates whether the user is enabled to manage campaigns in the user interface (true) or not (false). Label is Marketing User. | |
UserPreferencesUserDebugModePref | boolean | When true, the Lightning Component framework executes in debug mode for the user. Corresponds to the Debug Mode checkbox on the Advanced User Details page of personal settings in the user interface. | |
ReceivesInfoEmails | boolean | Indicates whether the user receives informational email from Salesforce (true) or not (false). | |
UserPermissionsWirelessUser | boolean | Required if the Wireless permission is enabled. Indicates whether the user is enabled to use Wireless Edition (true) or not (false). Label is Wireless User. | |
UserPreferencesDisableFollowersEmail | boolean | When false, the user automatically receives email every time someone starts following the user in Chatter. | |
UserPreferencesLightningExperiencePreferred | boolean | When true, redirects the user to the Lightning Experience interface. Label is Switch to Lightning Experience. | |
UserPreferencesOptOutOfTouch | boolean | When false, the user automatically accesses the Salesforce Touch app when logging in to Salesforce from an iPad. If true, automatic access to the Salesforce Touch app is turned off and the user's iPad is directed to the full Salesforce site instead. The default value is false. | |
CompanyName | string | The name of the user's company. | |
Longitude | number | Used with Latitude to specify the geolocation of an address. Acceptable values are numbers between -180 and 180 up to 15 decimal places. | |
MobilePhone | string | The user's mobile device number. | |
UserPreferencesShowTitleToExternalUsers | boolean | Indicates the visibility of the business title field in the user's contact information. Title is visible only to internal members of the user's organization when this field is false. Title is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowTitleToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is true. | |
PostalCode | string | The user's postal or ZIP code. Label is Zip/Postal Code. | |
UserPermissionsCallCenterAutoLogin | boolean | Required if Salesforce CRM Call Center is enabled. Indicates whether the user is enabled to use the auto login feature of the call center (true) or not (false). | |
UserPreferencesDisableBookmarkEmail | boolean | When false, the user automatically receives email every time someone comments on a Chatter feed item after the user has bookmarked it. | |
UserPreferencesDisableRewardEmail | boolean | When false, the user automatically receives emails related to WDC rewards. The user receives these emails when someone gives a reward to the user. | |
BadgeText | string | The Experience Cloud site role, displayed on the user profile page just below the user name. | |
City | string | The city associated with the user. | |
IsActive | boolean | Indicates whether the user has access to log in (true) or not (false). You can modify a User's active status from the user interface or via the API. | |
UserPreferencesJigsawListUser | boolean | When true, the user is a Data.com List user so shares record additions from a pool. UserPermissionsJigsawProspectingUser must also be set to true. Label is Data.com List User. | |
UserPreferencesShowFaxToExternalUsers | boolean | Indicates the visibility of the fax number field in the user's contact information. Fax number is visible only to internal members of the user's organization when this field is false. Fax number is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false. | |
Id | string | The unique identifier of User | |
UserPermissionsInteractionUser | boolean | Indicates whether the user can run flows or not. Label is Flow User. | |
UserPreferencesDisableMentionsPostEmail | boolean | When false, the user automatically receives email every time they're mentioned in posts. | |
MiddleName | string | The user's middle name. | |
ProfileId | string | Profile | ID of the user's Profile. Use this value to cache metadata based on profile. |
UserPreferencesEnableAutoSubForFeeds | boolean | When true, the user automatically subscribes to feeds for any objects that the user creates. | |
UserPreferencesDisableMessageEmail | boolean | When false, the user automatically receives email for Chatter messages sent to the user. | |
UserPreferencesShowStreetAddressToExternalUsers | boolean | Indicates the visibility of the street address field in the user's contact information. The address is visible only to internal members of the user's organization when this field is false. The address is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses.The default value is false. | |
LastModifiedDate | number | The time when the User was last modified by a user | |
AccountId | string | ID of the Account associated with a Customer Portal user. This field is null for Salesforce users. | |
EmailEncodingKey | string | The email encoding for the user, such as ISO-8859-1 or UTF-8. | |
UserPreferencesShowWorkPhoneToGuestUsers | boolean | Indicates the visibility of the work phone field in the user's contact information. When true, the work phone field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowWorkPhoneToExternalUsers, making the user's work phone visible to guests. The default value is false. | |
UserPreferencesSortFeedByComment | boolean | Specifies the data value used in sorting a user's feed. When true, the feed is sorted by most recent comment activity. When false, the feed is sorted by post date. | |
UserPreferencesDisableLaterCommentEmail | boolean | When false, the user automatically receives email every time someone comments on a feed item after the user has commented on the feed item. | |
Department | string | The company department associated with the user. | |
Name | string | Concatenation of FirstName and LastName. | |
State | string | The state associated with the User. | |
LanguageLocaleKey | string | The user's language, such as French or Chinese (Traditional). Label is Language. | |
CreatedById | string | User | The unique identifier (id) for the User who created the User. |
CurrentStatus | string | Text that describes what the user is working on. | |
UserPreferencesReceiveNoNotificationsAsApprover | boolean | Controls email notifications from the approval process for approvers. If true, emails are disabled. If false, emails are enabled. The default value is false. | |
UserPreferencesShowProfilePicToGuestUsers | boolean | Indicates the visibility of the user's profile photo. When true, the photo is visible to guest users in an Experience Cloud site. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When false, this field returns the stock photo. The default value is false. | |
CreatedDate | number | The time when the User was created | |
ReceivesAdminInfoEmails | boolean | Indicates whether the user receives email for administrators from Salesforce (true) or not (false). | |
UserPreferencesHideSecondChatterOnboardingSplash | boolean | When true, the secondary Chatter onboarding prompts don't appear. | |
SmallPhotoUrl | string | The URL for a thumbnail of the user's profile photo. This field is available even if Chatter is disabled. The URL is updated every time a photo is uploaded and reflects the most recent photo. If a newer photo is uploaded, the URL returned for an older photo isn't guaranteed to return a photo. Query this field for the URL of the most recent photo. | |
UserPermissionsChatterAnswersUser | boolean | Indicates whether the portal user is enabled to use the Chatter Answers feature (true) or not (false). This field defaults to false when a Customer Portal user is created from the API. | |
UserPreferencesDisMentionsCommentEmail | boolean | When false, the user automatically receives email every time the user is mentioned in comments. | |
AboutMe | string | Information about the user, such as areas of interest or skills. This field is available even if Chatter is disabled. | |
ContactId | string | ID of the Contact associated with this account. The contact must have a value in the AccountId field or an error occurs. | |
Division | string | The division associated with this user, similar to Department, and unrelated to DefaultDivision. | |
UserPreferencesDisableAllFeedsEmail | boolean | When false, the user automatically receives email for all updates to Chatter feeds, based on the types of feed emails and digests the user has enabled. | |
UserPreferencesHideCSNGetChatterMobileTask | boolean | When true, the Chatter recommendations panel never displays the recommendation to install Chatter Mobile. | |
UserPreferencesNativeEmailClient | boolean | Use this field to set a default email preference for the user's native email client. This field is available in API version 47.0 and later. The default value is false, corresponding to the Salesforce docked email composer. | |
UserPreferencesPathAssistantCollapsed | boolean | When true, Sales Path appears collapsed or hidden to the user. | |
UserPreferencesShowEmailToExternalUsers | boolean | Indicates the visibility of the email address field in the user's contact information. Email address is visible only to internal members of the user's organization when this field is false. Email address is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. When false, this field returns the value #N/A. The default value is false. | |
CallCenterId | string | If Salesforce CRM Call Center is enabled, represents the call center that this user is assigned to. | |
FullPhotoUrl | string | The URL for the user's profile photo. This field is available even if Chatter is disabled. The URL is updated every time a photo is uploaded and reflects the most recent photo. If a newer photo is uploaded, the URL returned for an older photo isn't guaranteed to return a photo. Query this field for the URL of the most recent photo. | |
UserPermissionsSupportUser | boolean | When true, the user can use the Salesforce console. | |
UserPreferencesShowStateToGuestUsers | boolean | Indicates the visibility of the state field in the user's contact information. When true, state is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site.When true, this field overrides the value false in UserPreferencesShowStateToExternalUsers, making the user's state visible to external members. The default value is false. | |
LocaleSidKey | string | This field is a restricted picklist field. The value of the field affects formatting and parsing of values, especially numeric values, in the user interface. It doesn't affect the API. The field values are named according to the language, and the country if necessary, using two-letter ISO codes. The set of names is based on the ISO standard. You can also manually set a user's locale in the user interface, and then use that value for inserting or updating other users via the API. | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the User recently. |
Country | string | The country associated with the user. | |
LastName | string | The user's last name. | |
LastViewedDate | number | The timestamp for when the current user last viewed this record. If this value is null, it's possible that this record was referenced (LastReferencedDate) but not viewed. | |
UserPreferencesReminderSoundOff | boolean | When true, a sound automatically plays when an activity reminder is due. Corresponds to the Play a reminder sound checkbox on the Reminders page in the user interface. | |
UserPreferencesSuppressEventSFXReminders | boolean | When true, event reminders don't appear. Corresponds to the Show event reminders in Lightning Experience checkbox on the Activity Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders. | |
UserPreferencesShowCityToGuestUsers | boolean | Indicates the visibility of the city field in the user's contact information. When true, city is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowCityToExternalUsers, making the user's city visible to external members. The default value is false. | |
DefaultGroupNotificationFrequency | string | The default frequency for sending the user's Chatter group email notifications when the user joins groups. The valid values are "P" (Email on every post), "D" (Daily digests), "W" (Weekly digests), "N" (Never). The default value is "N". For Professional, Enterprise, Unlimited, and Developer Edition organizations that existed before API version 22.0, the default value remains "D". | |
JigsawImportLimitOverride | number | The Data.com user's monthly addition limit. The value must be between zero and the organization's monthly addition limit. Label is Data.com Monthly Addition Limit. | |
UserPreferencesHideCSNDesktopTask | boolean | When true, the Chatter recommendations panel never displays the recommendation to install Chatter Desktop. | |
Suffix | string | The user's name suffix. | |
UserPreferencesDisableLikeEmail | boolean | When false, the user automatically receives email every time someone likes their post or comment. | |
UserPreferencesShowEmailToGuestUsers | boolean | Indicates the visibility of the email address field in the user's contact information. When true, the email address is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowEmailToExternalUsers, making the user's email address visible to guests. The default value is false. | |
EmployeeNumber | string | The user's employee number. | |
IndividualId | string | ID of the data privacy record associated with this user. This field is available if Data Protection and Privacy is enabled. | |
ManagerId | string | The Id of the user who manages this user. | |
UserPreferencesHideLightningMigrationModal | boolean | Reserved for future use. | |
UserPreferencesShowCityToExternalUsers | boolean | Indicates the visibility of the city field in the user's contact information. City is visible only to internal members of the user's organization when this field is false. City is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowCityToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. | |
UserPreferencesShowWorkPhoneToExternalUsers | boolean | Indicates the visibility of the work phone number field in the user's contact information. The number is visible only to internal members of the user's organization when this field is false. The number is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses.The default value is false. | |
SystemModstamp | number | The time when the User was last modified by a user or an automated process (such as a trigger) | |
CountryCode | string | The ISO country code associated with the user. | |
IsPortalEnabled | boolean | Indicates whether an active, external, user has access to Experience Cloud sites or portals (true) or not (false). This field is only available if one of these conditions is true: Digital experiences is enabled and you have community or portal user licenses, Portals are enabled. | |
UserPreferencesShowStateToExternalUsers | boolean | Indicates the visibility of the state field in the user's contact information. State is visible only to internal members of the user's organization when this field is false. State is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowStateToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false. | |
Fax | string | The user's fax number. | |
UserPreferencesDisableEndorsementEmail | boolean | When false, the member automatically receives email every time someone endorses them for a topic. | |
UserPreferencesShowCountryToGuestUsers | boolean | Indicates the visibility of the country field in the user's contact information. When true, country is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowCountryToExternalUsers, making the user's country visible to external members. The default value is false. | |
UserPreferencesHideChatterOnboardingSplash | boolean | When true, the initial Chatter onboarding prompts don't appear. | |
UserPreferencesShowMobilePhoneToGuestUsers | boolean | Indicates the visibility of the mobile phone field in the user's contact information. When true, the mobile phone field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowMobilePhoneToExternalUsers, making the user's mobile phone visible to guests. The default value is false. | |
UserPreferencesShowPostalCodeToGuestUsers | boolean | Indicates the visibility of the postal or ZIP code field in the user's contact information. When true, postal code is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowPostalCodeToExternalUsers, making the user's postal code visible to external members. The default value is false. | |
MediumBannerPhotoUrl | string | The URL for the medium-sized user profile banner photo. | |
Phone | string | The user's phone number. | |
UserPreferencesContentEmailAsAndWhen | boolean | When false, a user with Salesforce CRM Content subscriptions receives a once-daily email summary if activity occurs on the subscribed content, libraries, tags, or authors. To receive email, the UserPreferencesContentNoEmail field must also be false. The default value is false. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
enableNewProfileUI | boolean | If you enable Enhanced Profile User Interface (true), you can use the streamlined, enhanced profile user interface to browse, search, and modify settings. You can use only one user interface at a time. | |
enableProfileFiltering | boolean | With profile filtering enabled (true), you can restrict who sees profile names to the users who require the access for their job roles. If profile filtering is disabled (false), users can see all profiles in a Salesforce org, regardless of which permissions they have. | |
enableUserSelfDeactivate | boolean | If you enable User Self Deactivate (true), users can deactivate their Experience Cloud site or Chatter accounts. | |
enableConcealPersonalInfo | boolean | Indicates if personal information fields in user records are hidden from external users (true) or not (false). When this field is set to true, 10 personal information fields are hidden. The default value is false. This field is unavailable for orgs created in Winter '22 or later. Salesforce recommends that you use the enableEnhancedConcealPersonalInfo field instead of enableConcealPersonalInfo. Before you set the enableEnhancedConcealPersonalInfo field to true, make sure that enableConcealPersonalInfo is set to false. | |
enableContactlessExternalIdentityUsers | boolean | If true and your org has the External Identity license, you can create contactless users. Having users without contact information reduces the overhead of managing customers. Purchase the External Identity license to access the Customer 360 Identity product. The default is false. Available in API version 47.0 and later. | |
enableEnhancedProfileMgmt | boolean | If you enable Enhanced Profile Lists Views (true), you can quickly view, customize, and edit list data. | |
enableScrambleUserData | boolean | If you enable Let Users Scramble Their User Data (true), users can request that Salesforce remove all their personal data. Because Salesforce can't delete information, it scrambles their data. Scrambling a user's data is unrecoverable. So this org-wide setting serves as an extra precaution. If a user requests it, you scramble the data programmatically with the obfuscateUser Apex method. You can use the method, for example, in a custom Apex trigger, workflow, or the Developer Console. This field is available in API version 47.0 and later. | |
restrictedProfileCloning | boolean | When enabled (true), only permissions accessible to your org are enabled when you clone profiles. When disabled (false), all permissions currently enabled in the source profile are also enabled for the cloned profile, even if your org can't currently access them. This field is available in API version 50.0 and later. | |
enableEnhancedConcealPersonalInfo | boolean | Indicates if personal information fields in user records are hidden from external users (true) or not (false). When this field is set to true, you can choose which fields are classified as personal information and hidden on the User Management Settings Setup page. The default value is false. This field is available in API version 53.0 and later. Before you set the enableEnhancedConcealPersonalInfo field to true, make sure that enableConcealPersonalInfo is set to false. | |
enableEnhancedPermsetMgmt | boolean | If you enable Enhanced Permission Set Component Views (true), you can work with permission sets more easily. For example, when you have large numbers of Apex class assignments for permission sets, you can enable a paginated result set, standard filtering, and sorting. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
LastModifiedDate | number | The time when the UserProvisioningConfig was last modified by a user | |
SystemModstamp | number | The time when the UserProvisioningConfig was last modified by a user or an automated process (such as a trigger) | |
approvalRequired | string | Denotes whether approvals are required for provisioning users for the associated connected app. If the value is null, no approval is required. | |
DeveloperName | string | The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. | |
ReconFilter | string | When collecting and analyzing users on a third-party system, the plug-in uses this filter to limit the scope of the collection. | |
Id | string | The unique identifier of UserProvisioningConfig. | |
Language | string | The two- to five-character code that represents the language and locale ISO. This code controls the language for labels displayed in an application. | |
MasterLabel | string | The primary label for this object. This value is the internal label that doesn't get translated. | |
OnUpdateAttributes | string | Lists the user attributes, as comma-separated values, that generate a UserProvisioningRequest object during an update. | |
CreatedById | string | User | The unique identifier (id) for the User who created the UserProvisioningConfig. |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the UserProvisioningConfig recently. |
ConnectedAppId | string | ConnectedApplication | The 18-digit application ID for the connected app. |
Enabled | boolean | Indicates whether user provisioning is enabled for the associated connected app (true) or not (false). | |
EnabledOperations | string | Lists the operations, as comma-separated values, that create a user provisioning request for the associated connected app. Allowed values are: Create, Update, EnableAndDisable (activation and deactivation), SuspendAndRestore (freeze and unfreeze). | |
LastReconDateTime | number | The date and time when user accounts were last reconciled between Salesforce and the target system. | |
NamespacePrefix | string | The namespace prefix that is associated with this object. Each Developer Edition org that creates a managed package has a unique namespace prefix. Limit: 15 characters. You can refer to a component in a managed package by using the namespacePrefix__componentName notation. | |
UserAccountMapping | string | Stores the attributes used to link the Salesforce user to the account on the third-party system, in JSON format. | |
CreatedDate | number | The time when the UserProvisioningConfig was created | |
NamedCredentialId | string | Salesforce ID of the named credential that's used for a request. The named credential identifies the third-party system and the third-party authentication settings. | |
Notes | string | A utility field for administrators to add any additional information about the configuration. This field is for internal reference only, and is not used by any process. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
DeveloperName | string | The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. | |
PortalAccountOwnerId | string | The ID of the role's associated portal account's owner. | |
MayForecastManagerShare | boolean | Indicates whether the forecast manager can manually share their own forecast. | |
PortalAccountId | string | The ID of the role's associated portal account. | |
PortalType | string | This value indicates the type of portal for the role: None, CustomerPortal, Partner. | |
OpportunityAccessForAccountOwner | string | The opportunity access level for the account owner. Note that you can't set a user role with an opportunity access less than that specified in organization-wide defaults. | |
RollupDescription | string | Description of the forecast rollup | |
ParentRoleId | string | The ID of the parent role. | |
CaseAccessForAccountOwner | string | The case access level for the account owner. | |
ContactAccessForAccountOwner | string | The contact access level for the account owner. | |
ForecastUserId | string | The ID of the forecast manager associated with this role. | |
Id | string | The unique identifier of UserRole. | |
LastModifiedById | string | User | The unique identifier (id) for the User who modified the UserRole. |
LastModifiedDate | number | The time when the User was last modified by a user | |
Name | string | Name of the role. | |
SystemModstamp | number | The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger). |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|