Resource Type
Account
Metadata
CspTrustedSites
CspTrustedSite
OmniInteractionConfigs
OmniInteractionConfig
Certificates
Certificate
ConnectedApps
ConnectedApp
ConnectedAppRisk
ProfilePasswordPolicies
ProfilePasswordPolicy
Networks
Network
RemoteSiteSettings
RemoteSiteSetting
SamlSsoConfigs
SamlSsoConfig
Settings
SecuritySettings
NetworkAccess
NetworkAccessIpRange
PasswordPolicies SessionSettings SingleSignOnSettings
ChatterSettings RealTimeEventSettings PlatformEncryptionSettings AccountSettings SharingSettings EmailAdministrationSettings EventSettings MyDomainSettings SiteSettings ApexSettings CommunitiesSettings ConnectedAppSettings SchemaSettings LightningExperienceSettings MobileSettings ActivitiesSettings FileUploadAndDownloadSecuritySettings UserManagementSettings EncryptionKeySettings
CustomSites
CustomSite
DelegateGroups
DelegateGroup
Tooling
DelegateGroupMembers
DelegateGroupMember
SObjects
Permissions
PermissionSetAssignment ObjectPermissions PermissionSet
OauthTokens
OauthToken
Organizations
Organization
Groups
Group
ConnectedApplications
ConnectedApplication
UserRoles
UserRole
EmailRelays
EmailRelay
UserProvisioningConfigs
UserProvisioningConfig
GroupMembers
GroupMember
Profiles
Profile
Users
User

ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableRelateContactToMultipleAccounts boolean Indicates whether users can relate a contact to multiple accounts (true) or only one account (false). The default value is false. If this feature (Contacts to Multiple Accounts) is disabled, secondary contact-account relationships created while the feature was enabled are deleted. Available in API version 47.0 and later. Avoid using the Metadata API to enable this feature. Use the Account Settings page in Setup to enable Contacts to Multiple Accounts.
enableAccountOwnerReport boolean Indicates whether Account Owner Report can (true) or can't (false) be run by all users.
enableAccountHistoryTracking boolean Indicates whether history tracking is enabled for accounts (true) or not (false). The default value is false. If history tracking is disabled, the History related list is removed from account page layouts. However, history data is still available for reporting up to the date and time when tracking was disabled. Available in API version 47.0 and later.
enableContactHistoryTracking boolean Indicates whether history tracking is enabled for contacts (true) or not (false). Available in API version 46.0 and later.
showViewHierarchyLink boolean Indicates whether the default View Hierarchy link on all business account detail pages is visible (true) or hidden (false).
enableAccountTeams boolean Indicates whether account teams are enabled (true) or not (false). The Metadata API can't be used to disable account teams.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
showCustomLogoMeetingRequests boolean Displays a custom logo in meeting request emails and on a meeting's Web page. Invitees see the logo when a user either invites them to an event or requests a meeting. Admins control this field on the Activity Settings page.
showHomePageHoverLinksForEvents boolean In the calendar section of the Home tab. When a user hovers over the subject of an event, a hover link displays an overlay with selected event details. (Hover links are always available in other calendar views.) When a user clicks the subject of an event, displays the event detail page. Admins use a mini page layout to configure the fields shown in the overlay. Admins control this field on the User Interface settings page.
enableEmailTracking boolean Enables tracking of outbound HTML emails if an organization uses HTML email templates. Admins control this field on the Activity Settings page.
autoRelateEventAttendees boolean When users add attendees to events, events are automatically related to up to 50 contacts or one lead. An attendee is matched by their email address to a contact or lead. Admins control this field on the Activity Settings page. Available in API version 42.0 and later.
enableClickCreateEvents boolean Lets users create events in day and weekly calendar views by double-clicking a specific time slot and entering the details of the event in an overlay. Hovering over an event displays an overlay where users can view the event details or delete the event without leaving the page. Admins use a mini page layout to configure the fields shown in the overlays. Does not support recurring events or multi-person events. Admins control this field on the User Interface settings page.
enableDragAndDropScheduling boolean Lets users create events associated with records by dragging a record from a list view onto a calendar view and entering the details of the event in an overlay. Hovering over an event displays an overlay where users can view the event details or delete the event without leaving the page. Admins use a mini page layout to configure the fields shown in the overlays. Admins control this field on the User Interface settings page.
enableRecurringEvents boolean Enables creation of events that repeat at specified intervals. Admins control this field on the Activity Settings page.
enableRecurringTasks boolean Enables creation of tasks that repeat at specified intervals. Admins control this field on the Activity Settings page.
enableSidebarCalendarShortcut boolean In the sidebar, displays a shortcut link to a user's last-used calendar view. Admins control this field on the Activity Settings page.
showMyTasksHoverLinks boolean In the My Tasks section of the Home tab and on the calendar day view. When a user hovers over the subject of a task, a hover link displays an overlay with selected task details. When a user clicks the subject of a task, displays the task detail page. Admins use a mini page layout to configure the fields shown in the overlay. Admins control this field on the User Interface settings page.
enableGroupTasks boolean Lets users assign independent copies of a new task to multiple users. Admins control this field on the Activity Settings page.
enableMultidayEvents boolean Enables creation of events that end more than 24 hours after they start. Admins control this field on the Activity Settings page.
enableSimpleTaskCreateUI boolean Allows admins to specify whether tapping New Task in Salesforce opens a regular task record edit page or a page that displays key task fields first. Admins control this field on the Activity Settings page.
enableRollUpActivToContactsAcct boolean Enables a contact's activities to be rolled up and displayed on the contact's primary account. Default value is true. Available in API versions 47.0 and later.
enableUserListViewCalendars boolean Allows users to create and view user list view calendars in Lightning Experience. Available in API versions 47.0 and later
showEventDetailsMultiUserCalendar boolean Displays event details on-screen rather than in hover text. Admins control this field on the Activity Settings page.
allowUsersToRelateMultipleContactsToTasksAndEvents boolean This field indicates whether Shared Activities is enabled. When the value is true, allows users to relate multiple contacts to a task or event.
enableActivityReminders boolean Enables popup activity reminders for an organization. Admins control this field on the Activity Settings page.
enableListViewScheduling boolean Extends the functionality of enableDragAndDropScheduling and enableClickCreateEvents to list view calendars. Admins control this field on the User Interface settings page.
enableUNSTaskDelegatedToNotifications boolean On the Activity Settings page, exposes a setting for Admins to hide or show a user setting that lets individual users enable or disable email notifications when tasks are assigned to them.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableApexCtrlImplicitWithSharingPref boolean Indicates whether the Use with sharing for @AuraEnabled Apex Controllers with Implicit Sharing critical update is activated (true) or not (false)
enableCompileOnDeploy boolean Indicates whether Apex code is automatically recompiled (true) or not (false). When set to true, code is recompiled before completing a metadata deployment, change set deployment, package installation, or package upgrade. The default value is true for production orgs and false for others.
enableAggregateCodeCoverageOnly boolean Indicates whether aggregate (not detailed) totals are tracked for Apex test coverage data (true) or not (false). The default value is false.
enableApexApprovalLockUnlock boolean Indicates whether approval process lock and unlock operations from Apex code are allowed (true) or not (false). The default value is false.
enableAuraApexCtrlAuthUserAccessCheckPref boolean Indicates whether the Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile critical update is activated (true) or not (false).
enableDisableParallelApexTesting boolean Indicates whether Apex tests are serially executed (true) or not (false). The default value is false.
enableMngdCtrlActionAccessPref boolean Indicates whether the Disable Access to Non-global Apex Controller Methods in Managed Packages critical update is activated (true) or not (false).
enableApexPropertyGetterPref boolean Indicates whether the Enforce Access Modifiers on Apex Properties in Lightning Component Markup critical update is activated (true) or not (false).
enableAuraApexCtrlGuestUserAccessCheckPref boolean Indicates whether the Restrict Access to @AuraEnabled Apex Methods for Guest and Portal Users Based on User Profile critical update is activated (true) or not (false).
enableGaplessTestAutoNum boolean Indicates whether autonumbering gaps are prevented by Apex test executions not incrementing autonumber fields for non-test records (true) or not (false). The default value is true.
enableNonCertifiedApexMdCrud boolean Indicates whether Apex classes can access metadata, public or protected, through classes in the Metadata namespace (true) or not (false). The default value is false.
enableSecureNoArgConstructorPref boolean Indicates whether Apex type visibility rules are strictly enforced for the Type.newInstance method (true) or not (false). The default value is false. When enabled, regardless of API version, you can instantiate only Apex classes with a no-arguments constructor that is visible to the code running Type.newInstance. Available in API version 48.0 and later.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
caSigned boolean Required. Indicates whether this certificate is signed by the issuer (true) or not (false).
fullName string Unique identifier for the certificate
expirationDate number The date the certificate expires and is no longer usable.
keySize number The size of the key in bits.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableChatterEmoticons boolean Indicates whether the automatic conversion of text characters, such as :), into a graphic emoticon is allowed in Chatter (true) or isn't allowed (false). In Setup, enableChatter equates to the Chatter setting Allow Emoticons.
enableFeedEdit boolean Indicates whether qualified users can edit feed posts and comments (true) or not (false). Qualified users include. The author of the post or comment. The person who owns the record that was posted to or commented on. The Chatter or site moderator. In Setup, enableFeedEdit equates to the Chatter setting Allow users to edit posts and comments.
enableFeedsDraftPosts boolean Indicates whether draft posts are automatically saved every seven seconds (true) or not (false). When set to true. Adds the My Drafts feed to the Chatter tab. Saves draft posts automatically every seven seconds. Makes drafts available in the My Drafts feed. When the user posts the entry, the draft is automatically removed from the My Drafts feed. In Setup, enableFeedsDraftPosts equates to the Chatter setting Allow draft posts.
enableTodayRecsInFeed boolean Indicates whether to allow the posting of recommendations for using the Salesforce Today app in users' feeds (true) or not (false). When set to true, automatically posts recommendations for using the Salesforce Today app in users' feeds. In Setup, enableTodayRecsInFeed equates to the Chatter setting Allow Today Recommendations.
unlistedGroupsEnabled boolean Indicates whether to allow the creation of unlisted groups (true) or to prevent their creation (false). When the value is set to true, users can create unlisted groups. Unlisted groups don't appear on the Groups list page. Membership in unlisted groups is by invitation only. In Setup, unlistedGroupsEnabled equates to the Chatter setting Enable Unlisted Groups.
allowChatterGroupArchiving boolean Indicates whether manual and automatic group archiving are allowed on all Chatter groups (true) or aren't allowed (false).
enableFeedPinning boolean Indicates whether to allow the pinning of posts in a feed (true) or not (false). When set to true. Authorized users can pin posts to the top of the feed. The feed supports up to three pinned posts. Pinned posts stay pinned until they're unpinned. After post pinning is enabled, authorized users include admins and group owners and managers. Admins can also assign post pinning permission through permission sets or user profiles. In Setup, enableFeedPinning equates to the Chatter setting Allow post pinning.
enableFeedsRichText boolean Indicates whether to use the Rich Text Editor in the Chatter Publisher (true) or not (false). The rich text editor supports text formats, inline images, hyperlinks, and, when enabled for the org, code snippets. In Setup, enableFeedsRichText equates to the Chatter setting Allow users to compose rich text posts.
enableInviteCsnUsers boolean Indicates whether a licensed user can invite customers to private groups that the licensed user owns or manages (true) or not (false). When the value is set to true, licensed users can invite customers who are from outside org email domains. Invited customers can see information only in the groups that they're invited to. They can interact only with members of those groups. In Setup, enableInviteCsnUsers equates to the Chatter setting Allow customer invitations.
enableOutOfOfficeEnabledPref boolean Indicates whether to add an Out of Office setting to a user profile page (true), or to omit it (false). When the value is set to true, this option adds a control to user profile pages for setting a personal out-of-office message. In Setup, enableOutOfOfficeEnabledPref equates to the Chatter setting Users can set Out of Office message.
enableRichLinkPreviewsInFeed boolean Indicates whether to convert links in posts into embedded videos, images, and article previews (true) or not to convert the links (false). In Setup, enableRichLinkPreviewsInFeed equates to the Chatter setting Allow Rich Link Previews.
allowRecordsInChatterGroup boolean Indicates whether records can be associated with groups (true), or not (false). If groups already have record data, setting this field to false doesn't delete it. In Setup, allowRecordsInChatterGroup equates to the Chatter setting Allow Records in Groups.
enableCaseFeedRelativeTimestamps boolean In Case feeds, indicates whether to use relative (true) or absolute (false) date and time stamp formats on Case feed items. When the value is true, Case feed items show a relative timestamp (for example, 10m ago). When the value is true, users can hover over the relative timestamp to see the absolute. When the value is false, Case feed items show an absolute timestamp (for example, January 7, 2020 at 12:15PM). When you change this setting, all timestamps in Case feeds reflect that change. The default value is true. This field is available in API version 48.0 and later. In Setup, enableCaseFeedRelativeTimestamps equates to the Chatter setting Show relative timestamp
enableChatter boolean Indicates whether Chatter is enabled for your org (true) or not (false).
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableCspNotesOnAccConPref boolean When true, allows customer users to access notes and attachments associated with accounts and contacts. Available in API version 48.0 and later.
applyLoginPageTypeToEmbeddedLogin boolean When true, applies the Experience Cloud site login page type (default, Login Discovery, Experience Builder, or Visualforce) to all Embedded Login implementations. When false, applies the username and password login page type to all Embedded Login implementations. For orgs created before the Salesforce Summer '20 release, the default setting is false. For new orgs, the default setting is true. Available in API version 49.0 and later.
enableEnablePRM boolean When true, allows admins to enable partner users. Available in API version 48.0 and later.
enableExternalAccHierPref boolean When true, enables the External Account Hierarchy object. Available in API version 48.0 and later.
enableOotbProfExtUserOpsEnable boolean When true, allows use of standard external profiles for self-registration and user creation. Available in API version 48.0 and later.
enablePRMAccRelPref boolean When true, enables Account Relationship object and Account Relationship Data Sharing Rule setup options. Available in API version 48.0 and later.
enableRelaxPartnerAccountFieldPref boolean When true, allows editing for partner account fields on and opportunities and leads. Available in API version 48.0 and later.
enableCspContactVisibilityPref boolean When true, allows users to see contacts from private accounts that they have read access to, when the contact is controlled by the parent record. Available in API version 48.0 and later.
enableNetPortalUserReportOpts boolean When true, allows external users in Experience Cloud sites, with permission, to run reports. Available in API version 48.0 and later.
enableInviteChatterGuestEnabled boolean When true, allows guest users to be invited to use Chatter. Available in API version 48.0 and later.
enableNetworksEnabled boolean When true, allows users to enable digital experiences. Available in API version 47.0 and later.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
profileName string Specifies the profile (base-level user permissions) required to perform different functions with the connected app.
label string Required. The name of the app.
pluginExecutionUser string Specifies the user to run the plugin as.
attributes object A custom attribute of the connected app. Represents the field names that make up a custom attribute when using SAML with a ConnectedApp. Tailor these values to a specific service provider.
 formula string The value of the attribute.
 key string The attribute's identifier.
canvasConfig object The configuration options of the connected app if it's exposed as a canvas app.
 accessMethod string Indicates how the canvas app initiates the OAuth authentication flow.
 canvasUrl string The URL of the third-party app that's exposed as a canvas app.
 lifecycleClass string The name of the Canvas.CanvasLifecycleHandler Apex class.
 locations string Indicates where the canvas app can appear to the user.
 options string Indicates whether to hide the share button and header in the publisher for your canvas app, and whether the app is a canvas personal app.
 samlInitiationMethod string If you're using SAML single sign-on (SSO), indicates which provider initiates the SSO flow.
description string An optional description for your app.
iconUrl string Reserved for future use.
oauthPolicy object Specifies Oauth access policies associated with your connected app.
 ipRelaxation string Specifies whether a user's access to the connected app is restricted by IP ranges.
 refreshTokenPolicy string Specifies how long a refresh token is valid for.
 singleLogoutUri string If single logout is enabled, specify the single logout URL.
plugin string The name of a custom Apex class that extends Auth.ConnectedAppPlugin to customize the behavior of the app.
sessionPolicy object Specifies the configuration options for a connected app's session policies. Use these policies to define how long a user's session can last before reauthenticating, to block user access to the connected app, or to require multi-factor authentication (MFA) to access the app.
 policyAction string If the High Assurance session security level is applied to the connected app, specify associated high assurance action.
 sessionLevel string Applies the High Assurance session security level to the connected app. This session level requires users to verify their identity with multi-factor authentication when they log in to the connected app.
 sessionTimeout number The length of time the connected app's session lasts.
startUrl string If the app isn't accessed from a mobile device, users are directed to this URL after they've authenticated.
contactEmail string Required. The email address Salesforce uses for contacting you or your support team.
contactPhone string The phone number for Salesforce to use to contact you.
ipRanges list<object> Specifies the ranges of IP addresses that can access the app without requiring the user to authenticate with the connected app.
 startAddress string The first address in the IP range, inclusive.
 endAddress string The last address in the IP range, inclusive.
 description string Use this field to identify the purpose of the range, such as which part of a network corresponds to this range.
logoUrl string An optional logo for the app. The logo appears with the app's entry in the list of apps and on the consent page the user sees when authenticating. The URL must use HTTPS, and the logo can't be larger than 125 pixels high or 200 pixels wide. The default logo is a cloud.
oauthConfig object Represents the field names that configure how your connected app communicates with Salesforce.
 isSecretRequiredForTokenExchange boolean If set to true, the connected app must include its consumer secret (client_secret) in the token request during the OAuth 2.0 token exchange flow. For security, set this field to true only if your app has a private client backend where it can keep the secret safe. For public client apps, such as single-page apps and mobile apps, set this field to false and do not include the consumer secret.
 isTokenExchangeEnabled boolean If set to true, the connected app can use the OAuth 2.0 token exchange flow to exchange tokens from an external identity provider for Salesforce tokens.
 certificate string The PEM-encoded certificate string, if the app uses a certificate.
 consumerKey string A value used by the consumer for identification to Salesforce.
 isCodeCredentialEnabled boolean Determines whether the app can use the Authorization Code and Credentials Flow to provide identity services to headless, off-platform apps. The Authorization Code and Credentials Flow is the foundation of headless login, headless registration, headless passwordless login, and headless guest identity. If set to true, the connected app can use the Authorization Code and Credentials Flow and all associated Headless Identity features. The default value is false. This field is available in API version 57.0 and later
 isConsumerSecretOptional boolean If set to false (default setting), the connected app's client secret is required in exchange for an access token in the OAuth 2.0 web server flow.
 scopes list<object> A list of scopes associated with the connected app. The scopes refer to permissions given by the user running the connected app.
 scope string The name of the scope.
 singleLogoutUrl string The single logout endpoint. This URL is the endpoint where Salesforce sends a logout request when users log out of Salesforce.
 assetTokenConfig object Specifies an OAuth asset token configuration for the connected app OAuth settings.
 assetAudiences string The audience claim associated with the asset token payload. This claim identifies who the JWT is intended for.
 assetIncludeAttributes boolean If set to true (default setting), custom attributes associated with the connected app are included in the asset token payload. If set to false, these attributes aren't included.
 assetIncludeCustomPerms boolean If set to true (default setting), custom permissions associated with the connected app are included in the asset token payload. If set to false, these permissions aren't included.
 assetSigningCertId string The ID of the JWT certificate's signing secret.
 assetValidityPeriod number The asset token's validity period. The validity must be the expiration time of the assertion within 3 minutes, expressed as the epoch number.
 consumerSecret string A value that is combined with the consumerKey and used by the consumer for identification to Salesforce.
 isClientCredentialEnabled boolean If set to true, the connected app can use the OAuth 2.0 client credentials flow. To use the client credentials flow, you must also specify a user for oauthClientCredentialUser. If set to false (default), the connected app can't use the client credentials flow.
 isNamedUserJwtEnabled boolean If set to true, the connected app is enabled to issue JSON Web Token (JWT)-based access tokens. For installed apps, JWT-based access tokens must also be enabled in your connected app policies. This field is generally available in API version 59.0 and later.
 isIntrospectAllTokens boolean If set to true, authorizes the connected app to introspect all access and refresh tokens within the entire org. If set to false (default), the connected app can introspect its own tokens.
 isRefreshTokenRotationEnabled boolean If set to true, the connected app issues a new refresh token each time the OAuth refresh token flow is invoked. The old refresh token is automatically invalidated. If a user tries to use a previous refresh token that has been invalidated, the current refresh token and its associated access tokens get deleted. If set to false, the refresh token can be used to obtain multiple access tokens.
 callbackUrl string The endpoint that Salesforce calls back to your connected app during OAuth; it's the OAuth redirect_uri.
 idTokenConfig object Specifies the ID token configuration for the connected app OAuth settings.
 idTokenAudience string The audiences that this ID token is intended for.
 idTokenIncludeAttributes boolean Indicates whether attributes are included in the ID token.
 idTokenIncludeCustomPerms boolean Indicates whether custom permissions are included in the ID token.
 idTokenIncludeStandardClaims boolean Indicates whether standard claims about the authentication event are included in the ID token.
 idTokenValidity number The length of time that the ID token is valid for after it's issued. The value can be from 1 to 720 minutes. The default is 2 minutes.
 isAdminApproved boolean If set to false (default setting), anyone in the org can authorize the app. Users must approve the app the first time they access it. If set to true, only users with the appropriate profile or permission set can access the app. These users don't have to approve the app before they can access it.
 isCodeCredentialPostOnly boolean For the Authorization Code and Credentials Flow, determines whether the user's credentials must be sent in the body of the initial HTTPS POST request to the Salesforce authorization endpoint. Requiring the credentials in the POST body instead of in the header improves security. If set to true, the user's credentials must be included in the POST body. The default value is false.
 isPkceRequired boolean Determines whether the Proof Key for Code Exchange (PKCE) extension is required for variations of the OAuth 2.0 authorization code flow configured for the connected app, including the web server flow and Authorization Code and Credentials Flow. For public client apps that can't keep the consumer secret confidential, such as mobile apps, the PKCE extension helps ensure that the client that initiates an authorization flow is the same client that completes it. For this reason, we always recommend implementing PKCE for public clients. We also strongly recommend that you implement PKCE for private clients. If set to true, the PKCE extension is required and any authorization code flow variations that don't implement it fail. If set to false, you can still implement PKCE but it isn't required. The default value is false. This field is available in API version 59.0 and later.
 isSecretRequiredForRefreshToken boolean If set to true (default), the app's client secret is required in the authorization request of a refresh token and hybrid refresh token flow. If set to false and an app sends the client secret in the authorization request, Salesforce still validates it.
permissionSetName string Specifies the permissions required to perform different functions with the connected app.
samlConfig object Specifies how an app uses single sign-on.
 samlSigningAlgoType string Indicates the signing algorithm applied to SAML requests and responses when Salesforce is the identity provider.
 samlSloUrl string The SAML single-logout endpoint of the connected app service provider (SP). This endpoint is where SAML LogoutRequests and LogoutResponses are sent when users log out of Salesforce. The SP provides this endpoint.
 certificate string The PEM-encoded certificate string, if the app uses a certificate.
 samlNameIdFormat string Indicates the format the service provider (SP) requires for the user's single sign-on identifier.
 samlSubjectCustomAttr string If the samlSubjectType is CustomAttr, include that custom value here; otherwise, leave empty.
 samlSubjectType string The single sign-on identifier for the user.
 acsUrl string The assertion consumer service URL from the service provider.
 entityUrl string The entity ID from your service provider.
 encryptionCertificate string The name of the certificate to use for encrypting SAML assertions to the service provider. This certificate is saved in the organization's Certificate and Key Management list.
 encryptionType string When Salesforce is the identity provider, the SAML configuration can specify the encryption method used for encrypting SAML assertions to the service provider. The service provider detects the encryption method in the SAML assertion for decryption.
 issuer string A URI that sends the SAML response. A service provider can use this URI to determine which identity provider sent the response.
 samlIdpSLOBinding string The SAML HTTP binding type from the service provider used for single logout.
id string id is the unique identifier of the connected app.
infoUrl string An optional URL for a web page with more information about your app.
mobileStartUrl string Users are directed to this URL after they've authenticated when the app is accessed from a mobile device. If you don't give a URL, the user is sent to the app's default start page after authentication completes. If the connected app that you're creating is a canvas app, then you can leave this field blank. The Canvas App URL field contains the URL that gets called for the connected app.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
appID string The unique identifier of Connected Application
riskLevel string The risk level associated with the Connected Application.
permissions list<string> The permissions associated with the Connected Application.
permissionsMetadata list<object> Metadata for each permission associated with the Connected Application.
 riskLevel string Risk level of the permission.
 firstSeenTime number Timestamp when the permission was first seen.
 removedTime number Timestamp when the permission was removed (0 if not removed).
 riskScore number Risk score of the permission. Not present when riskLevel is Unknown.
 name string Name of the permission.
connectedAppName string Name of the Connected Application.
riskScore number The risk score associated with the Connected Application.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableAdminApprovedAppsOnly boolean If false (default), any connected app can call the Salesforce API. If true, only apps that have been approved or installed by the admin can call the Salesforce API. To access this field, you must contact Salesforce Customer Support to enable API Access Control.
enableAdminApprovedAppsOnlyForExternalUser boolean If false (default), authenticated customers or partners can use any unblocked connected app to access the Salesforce API. If true, authenticated customers and partners can't access the Salesforce API unless they use a connected app that is installed in the org and unblocked. Install and unblock connected apps on the Connected Apps OAuth Usage page. To access this field, you must contact Salesforce Customer Support to enable API Access Control.
enableSkipUserProvisioningWizardWelcomePage boolean If false (default), the User Provisioning Wizard Welcome page shows up when you access the wizard. To skip the welcome page in the future, you can select Do not show me this next time. If true, the Welcome page doesn't show up the next time that you access the wizard.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
MobileStartUrl string Users are directed to this URL after they've authenticated when the app is accessed from a mobile device.
CreatedById string User The unique identifier (id) for the User who created the Connected Application.
OptionsHasSessionLevelPolicy boolean Specifies whether the connected app requires a High Assurance level session.
LastModifiedById string User The unique identifier (id) for the User who modified the Connected Application recently.
Name string The unique name for this object.
OptionsAllowAdminApprovedUsersOnly boolean Indicates whether access is limited to users granted approval to use the connected app by an administrator. Manage profiles for the app by editing each profile's Access list.
CreatedDate number The time when the Connected Application was created
MobileSessionTimeout string Length of time after which the system logs out inactive mobile users
OptionsRefreshTokenValidityMetric boolean Specifies whether the refresh token validity is based on duration or inactivity. If true, the token validity is measured based on the last use of the token; otherwise, it is based on the token duration.
PinLength number For mobile apps, this field is the PIN length requirement for users of the connected app. Valid values are 4, 5, 6, 7, or 8.
RefreshTokenValidityPeriod number The duration of an authorization token until it expires in hours, months, or days as set in the connected app management page.
StartUrl string If the app is not accessed from a mobile device, users are directed to this URL after they've authenticated.
Id string The unique identifier of Connected Application
LastModifiedDate number The time when the Connected Application was last modified by a user
SystemModstamp number The time when the Connected Application was last modified by a user or an automated process (such as a trigger)
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
isApplicableToFrameSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load resources contained in iframe elements from this trusted URL (true) or not (false). This field has a default value of false.
isApplicableToImgSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load images from this trusted URL (true) or not (false). This field has a default value of false.
canAccessCamera boolean Indicates whether this CspTrustedSite can access the user camera (true) or not (false). The default value is false. This field takes effect only when the enablePermissionsPolicy field equals true and the grantCameraAccess field equals TrustedUrls in the SecuritySettings metadata API type.
canAccessMicrophone boolean Indicates whether this CspTrustedSite can access the user microphone (true) or not (false). The default value is false. This field takes effect only when the enablePermissionsPolicy field equals true and the grantMicrophoneAccess field equals TrustedUrls in the SecuritySettings metadata API type.
endpointUrl string The URL for this CspTrustedSite. This field must include a domain name and can include a port.
isActive boolean Indicates whether this CspTrustedSite is active (true) or not (false). The default value is true.
isApplicableToConnectSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load URLs using script interfaces from this trusted URL (true) or not (false). This field has a default value of false.
isApplicableToMediaSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load audio and video from this trusted URL (true) or not (false). This field has a default value of false.
isApplicableToStyleSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load style sheets from this trusted URL (true) or not (false). This field has a default value of false.
id string The unique id of this trusted URL.
context string Declares the scope of the CSP directives for this trusted URL. All-Apply the CSP directives to all supported context types. Communities-Apply the CSP directives to Experience Builder sites only. FieldServiceMobileExtension-Apply the CSP directives to the Field Service Mobile Extensions only. LEX-Apply the CSP directives to Lightning Experience pages only. VisualForce-Apply the CSP directives to custom Visualforce pages only.
description string The description of this trusted URL.
isApplicableToFontSrc boolean Indicates whether Lightning components, third-party APIs, and WebSocket connections can load fonts from this trusted URL (true) or not (false). This field has a default value of false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
allowHomePage boolean Indicates if the home page is accessible.
allowStandardSearch boolean Indicates if standard search is accessible.
browserXssProtection boolean Indicates if browser XSS protection is enabled.
chatterAnswersForgotPasswordPage string The forgot password page for Chatter Answers.
chatterAnswersLoginPage string The login page for Chatter Answers.
serverIsDown string The page displayed when the server is down.
siteAdmin string The site administrator.
allowStandardPortalPages boolean Indicates if standard portal pages are accessible.
authorizationRequiredPage string The page displayed when authorization is required.
favoriteIcon string The favicon for the site.
genericErrorPage string The page displayed for generic errors.
allowStandardAnswersPages boolean Indicates if standard Answers pages are accessible.
chatterAnswersForgotPasswordConfirmPage string The confirmation page for Chatter Answers forgot password.
clickjackProtectionLevel string The level of clickjack protection. Valid values are AllowAllFraming, SameOriginOnly, or NoFraming.
contentSniffingProtection boolean Indicates if content sniffing protection is enabled.
guestProfile string The profile used for guest users.
inactiveIndexPage string The index page displayed when the site is inactive.
portal string The portal associated with the site.
robotsTxtPage string The robots.txt page.
allowGuestPaymentsApi boolean Allows guest users to access the Payments API.
allowStandardLookups boolean Indicates if standard lookup pages are accessible.
chatterAnswersHelpPage string The help page for Chatter Answers.
fileNotFoundPage string The page displayed when a file is not found.
indexPage string The index page for the site.
myProfilePage string The My Profile page.
siteGuestRecordDefaultOwner string The default owner for guest user records.
siteRedirectMappings list<object> List of redirect mappings for the site.
 action string The redirect action type. Available values are Permanent and Temporary.
 isActive boolean The status of the redirect: active or inactive.
 source string The source URL path for the redirect.
 target string The target URL path for the redirect.
description string The description of the site.
active boolean Indicates if the site is active (true) or inactive (false).
allowStandardIdeasPages boolean Indicates if standard Ideas pages are accessible.
changePasswordPage string The page used for changing passwords.
referrerPolicyOriginWhenCrossOrigin boolean Indicates if the referrer policy is origin-when-cross-origin.
selfRegPage string The self-registration page.
id string The unique identifier for this custom site.
customWebAddresses list<object> List of custom web addresses for this site.
 certificate string The certificate associated with this custom web address.
 domainName string The domain name for this custom web address.
 primary boolean Indicates if this is the primary web address.
inMaintenancePage string The page displayed when the site is in maintenance mode.
redirectToCustomDomain boolean Indicates if the site redirects to a custom domain.
siteTemplate string The template used for the site.
siteType string The type of site. Valid values are Visualforce, Siteforce, ChatterNetwork, or ChatterNetworkPicasso.
subdomain string The subdomain for the site.
urlPathPrefix string The URL path prefix for the site.
analyticsTrackingCode string The analytics tracking code for the site.
enableAuraRequests boolean Indicates if Aura requests are enabled.
forgotPasswordPage string The forgot password page.
siteIframeWhiteListUrls list<object> List of URLs allowed to be embedded in iframes.
 url string The URL that is allowed to be embedded in iframes.
fullName string The developer name of the custom site.
bandwidthExceededPage string The page displayed when bandwidth is exceeded.
cachePublicVisualforcePagesInProxyServers boolean Indicates if public Visualforce pages are cached in proxy servers.
chatterAnswersRegistrationPage string The registration page for Chatter Answers.
masterLabel string The label for the site.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
id string Unique identifier for the DelegateGroup
groups list<string> The groups with users assigned by delegated administrators.
label string Required. The delegated group's non-API name.
permissionSets list<string> The permission sets assignable to users in specified roles and all subordinate roles by delegated administrators.
profiles list<string> The profiles assignable to users by delegated administrators.
roles list<string> The roles and subordinates for which delegated administrators of the group can create and edit users.
fullName string Name of the DelegateGroup
customObjects list<string> The custom objects associated with the group. Delegated administrators can customize nearly every aspect of each of those custom objects, including creating a custom tab. However, they cannot create or modify relationships on the objects or set organization-wide sharing defaults. Delegated administrators must have access to custom objects to access the merge fields on those objects from formulas.
loginAccess boolean Required. Allows users in this group to log in as users in the role hierarchy that they administer (true) or not (false). Depending on your organization settings, individual users must grant login access to allow their administrators to log in as them.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
CreatedById string User The unique identifier (id) for the User who assigned the user to DelegateGroup.
CreatedDate number The time when the DelegateGroupMember was created.
UserOrGroupId string User The reference indicating the user id of the delegated administrator for the delegate group currently. Group is reserved for future development by Salesforce.
Id string The unique identifier of DelegateGroupMember.
DelegateGroupId string DelegateGroup The id of the associated delegate group.
SystemModstamp number The time when the DelegateGroupMember was last modified by a user or an automated process (such as a trigger).
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableEmailSpfCompliance boolean Indicates whether outgoing emails comply with Sender Policy Framework (SPF) email authentication (true) or not (false). This field has a default value of true.
enableInternationalEmailAddresses boolean Indicates whether non-Latin-based characters are allowed in email addresses (true) or not (false) when sending emails to and from Salesforce. This field has a default value of true in orgs created in Summer '20 or later. In orgs created in Spring '20 or earlier, the default value is false. Available in API version 49.0 and later.
enableSendViaExchangePref boolean Indicates whether users can use Office 365 to send emails (true) or not (false). Default value is false.
sendMassEmailNotification boolean Indicates whether users receive an auto-generated status email from Salesforce for each mass email they send (true) or not (false). This field has a default value of true.
sendTextOnlySystemEmails boolean Indicates whether all system emails are sent via text only (true) or allow other formats (false). This field has a default value of false.
enableEmailConsentManagement boolean Indicates whether Enforce Email Privacy Settings is enabled (true) or not (false). When enabled, Salesforce respects each recipient's email privacy preferences. Default value is false.
enableEmailSenderIdCompliance boolean Indicates whether outgoing emails comply with Sender ID email protocols (true) or not (false). This field has a default value of false. To enable this preference, enableEmailSpfCompliance must be set to true.
enableEnhancedEmailEnabled boolean Indicates whether Enhanced Email is enabled (true) or not (false). Default value is true.
enableResendBouncedEmails boolean Indicates whether the system forwards a copy of each bounced email message to the sender (true) or only displays the bounce alert (false). This field has a default value of false. To enable this preference, enableHandleBouncedEmails must be set to true.
enableUseOrgFootersForExtTrans boolean Indicates whether emails sent through external email services (such as Gmail or Office 365) include the Salesforce footer (true) or not (false). This field has a default value of false.
enableRestrictTlsToDomains boolean Indicates whether the selected Transport Layer Security (TLS) setting applies only to specific domains (true) or applies to all domains (false). This field has a default value of false.
enableComplianceBcc boolean Indicates whether a copy of each outbound email message is sent to an email address you specify (true) or not (false). This field has a default value of false.
enableHandleBouncedEmails boolean Indicates whether emails sent from Salesforce to an invalid email address bounce back to Salesforce (true) or not (false) . This field has a default value of true. With bounce handling enabled, reps know which lead, contact, or person account has a bad email address, and they know which specific email wasn't delivered.
enableHtmlEmail boolean Indicates whether users receive Email-To-Case emails in HTML format (true) or receive a text version instead (false). This field has a default value of false. When this field is set to true, users receive a warning message about potential malicious HTML before they view incoming HTML email content.
enableEmailToSalesforce boolean Indicates whether Email to Salesforce is enabled (true) or disabled (false). This field has a default value of false.
enableEmailWorkflowApproval boolean Indicates whether users can respond to email approval requests directly from their email (true) or not (false). This field has a default value of false.
enableListEmailLogActivities boolean Indicates whether Salesforce logs sent list emails as activities (true) or not (false). Default value is true.
enableSendViaGmailPref boolean Indicates whether users can use Gmail to send emails (true) or not (false). Default value is false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
Host string Indicates the host name or IP address of your company's SMTP server
IsRequireAuth boolean Indicates whether (true) or not (false) authentication is required. When setting this field to true, the TlsSetting must be set to RequiredVerify.
TlsSetting string Specifies whether Salesforce uses TLS for SMTP sessions. Possible values include: Off, Preferred, Required, PreferredVerify, RequiredVerify.
Username string Specifies the username for relay host STMP authentication. When IsRequireAuth is set to true, this field is required.
AuthType string Specifies which SASL mechanism Salesforce uses for SMTP authentication. This field is available when Enable SMTP Auth is selected. Possible values include: PLAIN, LOGIN.
Port string Indicates the port number of your company's SMTP server. Possible values include: 25, 587, 10025, 11025.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
canOptOutOfDerivationWithBYOK boolean Indicates that users can opt out of key derivation processes on a key-by-key basis when they upload key material (true) or can't (false). The default value is false.
enableCacheOnlyKeys boolean Indicates whether the Cache-Only Key Service is available (true) or not (false). The default value is false. If set to true, users can configure a cache-only key callout connection and apply key material stored outside of Salesforce to data on demand.
enableReplayDetection boolean Indicates whether cache-only key callouts are protected from replay attacks by a nonce (true) or not (false). Requires enableCacheOnlyKeys='true' before setting enableReplayDetection to true.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableDeleteMonitoringData boolean Allows (true) or disallows (false) users to delete event log files and LoginEvent data. Users require the Delete Event Monitoring Records user permission, which is available when this setting is enabled. Default value is false.
enableTransactionSecurityPolicies boolean Enables (true) or disables (false) the ability to create and use transaction security policies in the Salesforce UI. Default value is false.
enableDynamicStreamingChannel boolean Enables (true) or disables (false) the dynamic creation of a streaming channel when you subscribe to generic streaming. Default value is false.
enableLoginForensics boolean Enables (true) or disables (false) the Login Forensics feature. Login Forensics helps you track and audit your org's user login activity. Default value is false. Available in API versions 47.0-49.0.
enableStreamingApi boolean Enables (true) or disables (false) Streaming API in the org. Default value is true.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
dispositions object Represents the metadata used to manage file type behavior.
 behavior string File download behavior
 filetype string The file type that this disposition applies to
 securityRiskFiletype boolean Indicates file types that cannot have behavior set to EXECUTE, due to security risks.
noHtmlUploadAsAttachment boolean Indicates whether to allow HTML uploads as attachments or document records.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
RelatedId string Represents the ID of the associated groups. For groups of type "Role" the ID of the associated UserRole. The RelatedId field is polymorphic.
Type string Required. Type of the group. One of the following values: ["AllCustomerPortal", "ChannelProgramGroup", "CollaborationGroup", "Manager", "ManagerAndSubordinatesInternal", "Organization","Participant","PRMOrganization","Queue","Regular","Role","RoleAndSubordinates","RoleAndSubordinatesInternal","Territory","TerritoryAndSubordinates"]
SystemModstamp number The time when the Group was last modified by a user or an automated process (such as a trigger).
DeveloperName string The name of the object in the API. This name is unique by group type and corresponds to Group Name in the user interface.
DoesIncludeBosses boolean Indicates whether the managers have access (true) or do not have access (false) to records shared with members of the group.
DoesSendEmailToMembers boolean Indicates whether the email is sent (true) or not sent (false) to the group members. The email is sent to queue members as well.
Id string The unique identifier of Group.
CreatedDate number The time when the Group was created.
LastModifiedById string User The unique identifier (id) for the User who modified the Group.
Email string Email address for a group of type Case. Applies only for a case queue.
OwnerId string ID of the user who owns the group.
CreatedById string User The unique identifier (id) for the User who created the Group.
LastModifiedDate number The time when the Group was last modified by a user
Name string Required. Name of the group. Corresponds to Label on the user interface.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
SystemModstamp number The time when the GroupMember was created.
MemberType string Custom field added by SPM product to identify Type of member.
Id string The unique identifier of GroupMember.
GroupId string Group ID of the Group.
UserOrGroupId string User Group ID of the User or Group that is a direct member of the group.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableAuraCDNPref boolean Indicates whether Lightning Experience and other apps use a content delivery network (CDN) to serve the static content for Lightning Component framework.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableS1EncryptedStoragePref2 boolean Indicates whether the Salesforce mobile web uses secure and persistent browser caching to improve performance (true) or not (false).
ATTRIBUTE TYPE REFERS TO DESCRIPTION
useStabilizedSandboxMyDomainHostnames boolean This field corresponds to the Stabilize the Hostname for My Domain URLs in Sandboxes release update, which was enforced in Summer '20. When true, the instance name is hidden in My Domain URLs for sandboxes orgs. For example, MyDomainName--test.cs5.my.salesforce.com became MyDomainName--test.my.salesforce.com. As of API version 49.0, this field's value is always true, regardless of the value that you set. Changing its value has no effect on Salesforce, even if it reads false. This change applies retroactively back to API version 47.0, when this field was first introduced. Previously, in API version 47.0 to 49.0, this field indicated whether the instance name was hidden in My Domain URLs for sandboxes orgs (true) or not (false), and the field's default value was false. Now, in all API versions, this field's value is always true, even if it reads false.
canOnlyLoginWithMyDomainUrl boolean If true, users must use the org's My Domain login URL to log in. If false (default), users can also log in using the org's instance Salesforce URL, https://InstanceName.salesforce.com, and through the login URL https://login.salesforce.com.
doesApiLoginRequireOrgDomain boolean If true, users must use the org's My Domain login URL to access the Salesforce API. If false (default), users can also access the Salesforce API using the generic Salesforce page, https://InstanceName.salesforce.com and through the login URL https://login.salesforce.com.
enableNativeBrowserForAuthOnAndroid boolean If true, use the native browser for authentication of Android mobile apps. Default is false.
enableNativeBrowserForAuthOnIos boolean If true, use the native browser for authentication of iOS mobile apps. Default is false.
useStabilizedMyDomainHostnames boolean Indicates whether the instance name is hidden in My Domain URLs for Visualforce, Experience Builder, Site.com Studio, and content files (true) or not (false). This field has a default value of true. For example, MyDomainName--PackageName.na44.visual.force.com becomes MyDomainName--PackageName.visualforce.com when this field is set to true.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableMemberVisibility boolean Indicates if member visibility is enabled.
enableReputation boolean Indicates if reputation is enabled.
feedChannel string The feed channel for the network.
maxFileSizeKb number The maximum file size in KB.
recommendationDefinition list<object> List of recommendation definitions.
 recommendationDefinitionDetails list<object> List of recommendation definition details.
 scheduledRecommendations object Scheduled recommendations configuration.
 scheduledRecommendationDetails list<object> List of scheduled recommendation details.
 channel string The channel for the scheduled recommendation.
 enabled boolean Indicates if the scheduled recommendation is enabled.
 rank number The rank of the scheduled recommendation.
 recommendationAudience string The audience for this scheduled recommendation.
 setupName string The setup name for the recommendation.
 title string The title of the recommendation.
 actionUrl string The action URL for the recommendation.
 description string The description of the recommendation.
 linkText string The link text for the recommendation.
reputationPointsRules object The reputation points rules configuration.
 pointsRule list<object> List of reputation points rules.
 eventType string The type of event that triggers points.
 points number The number of points awarded for this event.
selfRegProfile string The profile used for self-registration.
embeddedLoginEnabled boolean Indicates if embedded login is enabled.
enablePrivateMessages boolean Indicates if private messages are enabled.
sendWelcomeEmail boolean Indicates if welcome email is sent.
verificationTemplate string The email template used for verification.
welcomeTemplate string The email template used for welcome notifications.
enableShowAllNetworkSettings boolean Indicates if all network settings are shown.
reputationLevels object The reputation levels configuration.
 level list<object> List of reputation level definitions.
 branding object The branding for this reputation level.
 smallImage string The small image for this reputation level.
 label string The label for this reputation level.
 lowerThreshold number The lower threshold for this reputation level.
enableSiteAsContainer boolean Indicates if site as container is enabled.
enableTopicSuggestions boolean Indicates if topic suggestions are enabled.
headlessForgotPasswordTemplate string The email template used for headless forgot password.
enableInvitation boolean Indicates if invitations are enabled.
enableNicknameDisplay boolean Indicates if nickname display is enabled.
allowedExtensions string Specifies the types of files allowed in your site.
allowInternalUserLogin boolean Indicates if internal users can log in to the community.
description string The description of the network.
disableReputationRecordConversations boolean Indicates if reputation record conversations are disabled.
lockoutTemplate string The email template used for lockout notifications.
status string The status of the network. Valid values are UnderConstruction, Live, or DownForMaintenance.
caseCommentEmailTemplate string The email template used for case comment notifications.
enableGuestMemberVisibility boolean Indicates if guest users can see member visibility.
enableTalkingAboutStats boolean Indicates if talking about stats are enabled.
enableUpDownVote boolean Indicates if up/down voting is enabled.
headlessRegistrationTemplate string The email template used for headless registration.
networkMemberGroups object The network member groups configuration.
 permissionSet list<string> List of permission sets that grant access to the network.
 profile list<string> List of profiles that grant access to the network.
chgEmailVerOldTemplate string The email template used for email change verification (old email).
enableKnowledgeable boolean Indicates if Knowledgeable People feature is enabled.
enableLWRExperienceConnectedApp boolean Indicates if LWR Experience Connected App is enabled.
siteArchiveStatus string The archive status of the site.
enableApexCDNCaching boolean Indicates if Apex CDN caching is enabled.
enableGuestChatter boolean Indicates if guest users can access Chatter.
recommendationAudience object The recommendation audience configuration.
 recommendationAudienceDetails list<object> List of recommendation audience details.
 audienceCriteriaType string The type of audience criteria.
 audienceCriteriaValue string The value of the audience criteria.
 setupName string The setup name for the audience.
selfRegistration boolean Indicates if self-registration is enabled.
enableGuestFileAccess boolean Indicates if guest users can access files.
enableExperienceBundleBasedSnaOverrideEnabled boolean Indicates if Experience Bundle based SNA override is enabled.
forgotPasswordTemplate string The email template used for forgot password notifications.
networkAuthApiSettings object The network authentication API settings.
 registrationExecutionUser string The execution user for registration.
 doesPasswordLoginRequireAuth boolean Indicates if password login requires authentication.
 doesRegistrationRequireAuth boolean Indicates if registration requires authentication.
 isForgotPwdEmailTemplateAllowlistingEnabled boolean Indicates if forgot password email template allowlisting is enabled.
 isUniversalClientRgstrAllowed boolean Indicates if universal client registration is allowed.
 registrationHandler string The handler for registration.
 registrationUserDefaultProfile string The default profile for registration users.
 headlessDiscoveryExecutionUser string The execution user for headless discovery.
 headlessDiscoveryHandler string The handler for headless discovery.
 isForgotPwdAllowed boolean Indicates if forgot password is allowed.
 isRecaptchaRequiredPwdlessLogin boolean Indicates if reCAPTCHA is required for passwordless login.
 doesForgotPasswordRequireAuth boolean Indicates if forgot password requires authentication.
 isFirstPartyAppsAllowed boolean Indicates if first party apps are allowed.
 isHeadlessUserRegistrationAllowed boolean Indicates if headless user registration is allowed.
 isPwdlessLoginAllowed boolean Indicates if passwordless login is allowed.
 isUserDisambiguationAllowedForgotPwd boolean Indicates if user disambiguation is allowed for forgot password.
 isUserDisambiguationAllowedUsernamePwd boolean Indicates if user disambiguation is allowed for username/password.
 maxPasswordResetAttempts number The maximum number of password reset attempts allowed.
 recaptchaScoreThreshold number The reCAPTCHA score threshold.
 doesPwdlessLoginRequireAuth boolean Indicates if passwordless login requires authentication.
 emailTmplsAllowlist list<object> List of email templates allowed in the network.
 emailTemplate string The email template allowed in the network.
 isRecaptchaRequiredForgotPwd boolean Indicates if reCAPTCHA is required for forgot password.
 isRecaptchaRequiredRgstr boolean Indicates if reCAPTCHA is required for registration.
 recaptchaSecretKey string The reCAPTCHA secret key.
fullName string The developer name of the network.
chgEmailVerNewTemplate string The email template used for email change verification (new email).
deviceActEmailTemplate string The email template used for device activation.
emailFooterLogo string The logo used in email footers.
emailSenderAddress string The sender email address for notifications.
enableTopicAssignmentRules boolean Indicates if topic assignment rules are enabled.
gatherCustomerSentimentData boolean Indicates if customer sentiment data is gathered.
tabs object The tabs configuration.
 customTab list<string> List of custom tabs included in the network.
 defaultTab string The default tab for the network.
 standardTab string Standard tab that is part of the site.
communityRoles object The community roles configuration.
 customerUserRole string The role assigned to customer users in the community.
 employeeUserRole string The role assigned to employee users in the community.
 partnerUserRole string The role assigned to partner users in the community.
emailSenderName string The sender name for notifications.
enableExpFriendlyUrlsAsDefault boolean Indicates if Experience Cloud friendly URLs are enabled as default.
site string The site name.
emailFooterText string The text used in email footers.
enableCustomVFErrorPageOverrides boolean Indicates if custom Visualforce error page overrides are enabled.
enableDirectMessages boolean Indicates if direct messages are enabled.
enableImageOptimizationCDN boolean Indicates if image optimization CDN is enabled.
id string The unique identifier for this network (Experience Cloud site).
changePasswordTemplate string The email template used for change password notifications.
logoutUrl string The URL to redirect users after logout.
allowMembersToFlag boolean Indicates if members can flag content.
newSenderAddress string The new sender address.
picassoSite string The Picasso site name.
urlPathPrefix string The URL path prefix for the network.
networkPageOverrides object The network page overrides configuration.
 changePasswordPageOverrideSetting string The override setting for the change password page. Valid values are Standard, Designer, or Configurable.
 forgotPasswordPageOverrideSetting string The override setting for the forgot password page.
 homePageOverrideSetting string The override setting for the home page.
 loginPageOverrideSetting string The override setting for the login page.
 selfRegProfilePageOverrideSetting string The override setting for the self-registration profile page.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
AccessToken string The refresh token for authorization.
AppName string ConnectedApp The label for the connected app that's associated with this OAuth token.
Id string Reserved for future use. Currently, the value is always null.
RequestToken string The authorization code that was used to request the corresponding AccessToken. With this authorization code, you can revoke the corresponding AccessToken by passing the DeleteToken.
UseCount number How often the token has been used.
UserId string User The owner of the token.
CreatedDate number The time when the OauthToken was created
AppMenuItemId string The unique ID for the App Picker menu item that's associated with this OAuth token.
LastUsedDate number The most recent date when the OAuth token was used.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
LastModifiedById string User The unique identifier (id) for the User who modified the ObjectPermission associated with PermissionSet.
LastModifiedDate number The time when the User was last modified by a user
ParentId string PermissionSet The Id of this object's parent PermissionSet.
PermissionsDelete boolean If true, users assigned to the parent PermissionSet can delete records for this object. Requires PermissionsRead and PermissionsEdit for the same object to be true.
PermissionsRead boolean If true, users assigned to the parent PermissionSet can view records for this object.
PermissionsViewAllRecords boolean If true, users assigned to the parent PermissionSet can view all records for this object, regardless of sharing settings. Requires PermissionsRead for the same object to be true.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
CreatedById string User The unique identifier (id) for the User who created the ObjectPermission.
CreatedDate number The time when the ObjectPermission was created for Parent PermissionSet.
Id string The unique identifier of ObjectPermission.
PermissionsCreate boolean If true, users assigned to the parent PermissionSet can create records for this object. Requires PermissionsRead for the same object to be true.
PermissionsEdit boolean If true, users assigned to the parent PermissionSet can edit records for this object. Requires PermissionsRead for the same object to be true.
PermissionsModifyAllRecords boolean If true, users assigned to the parent PermissionSet can edit all records for this object, regardless of sharing settings. Requires PermissionsRead, PermissionsDelete, PermissionsEdit, and PermissionsViewAllRecords for the same object to be true.
SobjectType string The object's API name.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
value string The value of the setting.
id string The unique id of this trusted URL.
fullName string The name of the setting.
masterLabel string The name of the setting.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
Longitude number Used with Latitude to specify the precise geolocation of the organization.
NumKnowledgeService number The number of Knowledge users allowed in the organization.
SelfServiceWelcomePageConfig number Configuration settings for the self-service portal welcome page.
City string The city where the organization is located.
LanguageLocaleKey string The default language for the organization.
OrganizationType string The type of the organization (for example, Developer Edition, Enterprise Edition, Unlimited Edition).
Phone string The phone number for the organization.
PreferencesTerminateOldestSession boolean Indicates whether to terminate the oldest session when a user exceeds the maximum concurrent session limit.
SelfServiceSolutionSingle string The singular term used for solutions in the self-service portal.
SelfServiceStyleSheetUrl string The URL of the stylesheet used for the self-service portal.
DefaultCalendarAccess string The default organization-wide sharing access level for Calendar records.
FiscalYearStartMonth number The month when the organization's fiscal year starts.
PrimaryContact string The primary contact for the organization.
DailyWebToCaseCount number The number of Web-to-Case submissions received today.
SelfServiceCaseSubmitRecordTypeId string The record type ID for cases submitted through the self-service portal.
LastModifiedById string User The unique identifier (id) for the User who last modified the Organization record.
PostalCode string The postal code for the organization's address.
AllowsSelfServiceLogin boolean Indicates whether self-service login is allowed for the organization.
DailyWebToCaseLimit number The maximum number of Web-to-Case submissions allowed per day.
DefaultTerritoryOppAccess string The default territory-based sharing access level for Opportunity records.
MaxActionsPerRule number The maximum number of actions allowed per workflow rule or process builder.
SelfServiceCasePlural string The plural term used for cases in the self-service portal.
SelfServiceLogoutUrl string The URL users are redirected to after logging out of the self-service portal.
Name string Name of the Organization
DefaultContactAccess string The default organization-wide sharing access level for Contact records.
GeocodeAccuracy string Accuracy level of the geocode for the organization's address.
PreferencesRequireOpportunityProducts boolean Indicates whether the organization requires products on opportunities.
State string The state where the organization is located.
UiSkin string The user interface skin for the organization.
SelfServiceNewUserTemplateId string The email template ID used when a new user registers in the self-service portal.
SelfServiceSelfClosedCaseStatus string The status value used when a case is closed by the customer in the self-service portal.
Latitude number Used with Longitude to specify the precise geolocation of the organization.
DefaultAccountAccess string The default organization-wide sharing access level for Account records.
ReceivesInfoEmails boolean Indicates whether the organization receives information emails.
DefaultTerritoryContactAccess string The default territory-based sharing access level for Contact records.
WebToCaseAssignedEmailTemplateId string The email template ID used when a Web-to-Case submission is assigned.
WebToCaseCreatedEmailTemplateId string The email template ID used when a Web-to-Case submission is created.
WebToCaseDefaultCreatorId string The user ID of the default creator for Web-to-Case submissions.
DefaultPricebookAccess string The default organization-wide sharing access level for Pricebook records.
DefaultAccountAndContactAccess string The default organization-wide sharing access level for Account and Contact records.
SelfServiceCaseSingle string The singular term used for cases in the self-service portal.
SelfServiceFeatureConfig number Configuration settings for self-service portal features.
SelfServiceNewCommentCheckedByDefault boolean Indicates whether the notify checkbox is checked by default when commenting on a case in the self-service portal.
SelfServiceSolutionCategoryStartNodeId string The ID of the starting node for solution categories in the self-service portal.
Address object Address of the organization.
 City string The city detail for the organization address.
 Country string The country detail for the organization address.
 CountryCode string The ISO country code for the organization address.
 Longitude number Used with Latitude to specify the precise geolocation of the organization address.
 PostalCode string The postal code for the organization address.
 StateCode string The ISO state code for the organization address.
 Latitude number Used with Longitude to specify the precise geolocation of the organization address.
 State string The state detail for the organization address.
 Street string The street detail for the organization address.
DefaultCaseAccess string The default organization-wide sharing access level for Case records.
DefaultOpportunityAccess string The default organization-wide sharing access level for Opportunity records.
ReceivesAdminInfoEmails boolean Indicates whether the organization receives admin information emails.
SignupCountryIsoCode string The ISO country code specified when the organization signed up for Salesforce.
IsReadOnly boolean Indicates whether the organization is in read-only mode.
PreferencesOnlyLLPermUserAllowed boolean Indicates whether only Lightning Login permission users are allowed.
TrialExpirationDate number The date when the trial expires, if this is a trial organization.
SystemModstamp number The time when the Organization was last modified by a user or an automated process (such as a trigger)
DefaultLeadAccess string The default organization-wide sharing access level for Lead records.
DefaultLocaleSidKey string The default locale for the organization.
Fax string The fax number for the organization.
DefaultTerritoryCaseAccess string The default territory-based sharing access level for Case records.
SelfServiceNewPassTemplateId string The email template ID used when a user requests a new password in the self-service portal.
Country string The country where the organization is located.
Division string The division for this organization.
WebToCaseDefaultOrigin string The default origin for Web-to-Case.
MaxRulesPerEntity number The maximum number of workflow rules or processes allowed per entity.
IsSandbox boolean Indicates whether the organization is a sandbox (true) or production (false).
UsesStartDateAsFiscalYearName boolean Indicates whether the organization uses the start date as the fiscal year name.
PreferencesTransactionSecurityPolicy boolean Indicates whether transaction security policies are enabled.
DailyWebToLeadCount number The number of Web-to-Lead submissions received today.
HomepageHtml string HTML content for the organization's custom homepage.
LastWebToCaseDate number The date of the last Web-to-Case submission.
SelfServiceEmailSenderAddress string The email address used as the sender for self-service portal emails.
SelfServiceEnabledForResponseRules boolean Indicates whether response rules are enabled for the self-service portal.
InstanceName string The instance name of the Salesforce organization (for example, NA1, EU5).
MonthlyPageViewsUsed number The number of page views used in the current month.
NamespacePrefix string The namespace prefix for the organization if one is configured.
SelfServicDefaultCaseOrigin string The default origin for cases created through the self-service portal.
SelfServicePageHeight number The height of self-service portal pages in pixels.
SelfServiceWelcomeText string The welcome text displayed on the self-service portal.
CreatedById string User The unique identifier (id) for the User who created the Organization record.
CreatedDate number The time when the Organization was created
LastModifiedDate number The time when the Organization was last modified by a user
ComplianceBccEmail string Email address to which compliance Bcc emails are sent.
TimeZoneSidKey string The time zone for the organization.
DailyWebToLeadLimit number The maximum number of Web-to-Lead submissions allowed per day.
SelfServiceNewCommentTemplateId string The email template ID used when a new comment is added in the self-service portal.
SelfServiceSolutionPlural string The plural term used for solutions in the self-service portal.
MonthlyPageViewsEntitlement number The number of page views allowed per month.
PreferencesEventScheduler boolean Indicates whether the event scheduler is enabled.
SelfServiceEmailSenderName string The name displayed as the sender for self-service portal emails.
SelfServiceEmailUserOnCaseCreationTemplateId string The email template ID used when a user creates a case through the self-service portal.
SelfServiceMaxNumSuggestions number The maximum number of suggested solutions displayed in the self-service portal.
SelfServicePageWidth number The width of self-service portal pages in pixels.
UsesWebToCase boolean Indicates whether Web-to-Case is enabled for the organization.
UsesWebToLead boolean Indicates whether Web-to-Lead is enabled for the organization.
Id string The unique identifier of the Organization
DefaultCampaignAccess string The default organization-wide sharing access level for Campaign records.
Street string The street address for the organization.
PreferencesLightningLoginEnabled boolean Indicates whether Lightning Login is enabled.
PreferencesS1BrowserEnabled boolean Indicates whether Salesforce1 browser is enabled.
StateCode string The ISO state code for the organization.
CountryCode string The ISO country code for the organization.
PreferencesAutoSelectIndividualOnMerge boolean Indicates whether to auto-select individuals on merge.
PreferencesConsentManagementEnabled boolean Indicates whether consent management is enabled.
LastWebToLeadDate number The date of the last Web-to-Lead submission.
SelfServiceSolutionCategoryAvailable boolean Indicates whether solution categories are available in the self-service portal.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
minimumPasswordLifetime boolean If enabled (true), passwords can't be changed more than one time during a 24-hour period.
complexity string The types of characters that must be used in a user's password. Valid values are NoRestriction, AlphaNumeric, SpecialCharacters, UpperLowerCaseNumeric, UpperLowerCaseNumericSpecialCharacters, Any3UpperLowerCaseNumericSpecialCharacters
historyRestriction number The number of previous passwords saved for users so that they must always reset a new, unique password. Valid values are 0 through 24 passwords remembered. The maximum value of 24 applies to API version 31.0 and later. In earlier versions, the maximum value is 16.
maxLoginAttempts string The number of login failures allowed for a user before the user is locked out. Valid values are NoLimit, ThreeAttempts, FiveAttempts, TenAttempts. This value is the default value.
minimumPasswordLength number The minimum number of characters required for a password. The number can contain from 5 to 50 characters (default is 8). Available in API version 35.0 and later. Before API version 35.0, specify minimum password length with the enumeration minPasswordLength, with valid values FiveCharacters, EightCharacters (default), TenCharacters, TwelveCharacters (API version 31.0 and later), and FifteenCharacters (API version 34.0 and later).
obscureSecretAnswer boolean If enabled (true), hide answers to security questions as the user types.
questionRestriction string The restriction on whether the answer to the password hint question can contain the password itself. Valid values are None, DoesNotContainPassword
expiration string The length of time until a user password expires and must be changed. Valid values are Never, ThirtyDays, SixtyDays, NinetyDays, SixMonths, OneYear
lockoutInterval string The duration of the login lockout. Valid values are FifteenMinutes (this value is the default value), ThirtyMinutes, SixtyMinutes, Forever (must be reset by admin)
ATTRIBUTE TYPE REFERS TO DESCRIPTION
Id string The unique identifier of PermissionSet.
IsOwnedByProfile boolean If true, the permission set is owned by a profile. Available in API version 25.0 and later.
ProfileId string Profile If the permission set is owned by a profile, this field returns the ID of the Profile. If the permission set isn't owned by a profile, this field returns a null value.
CreatedById string User The unique identifier (id) for the User who created the PermissionSet.
Description string A description of the permission set. Limit: 255 characters.
HasActivationRequired boolean Indicates whether the permission set requires an associated active session (true) or not (false).
LicenseId string The ID of either the related PermissionSetLicense or UserLicense associated with this permission set.
Permissions list<object> One field for each permission. The number of fields varies depending on the permissions for the organization and license type.
 PermissionName string The name of the Permission.
 isEnabled boolean If true, users assigned to this permission set have the named permission.
LastModifiedById string User The unique identifier (id) for the User who modified the PermissionSet.
LastModifiedDate number The time when the User was last modified by a user
PermissionSetGroupId string If the permission set is owned by a permission set group, this field returns the ID of the permission set group. If the permission set isn't owned by a permission set group, this field returns a null value.
IsCustom boolean If true, the permission set is custom (created by an admin); if false, the permission set is standard and related to a specific permission set license.
Label string The permission set label, which corresponds to Label in the user interface. Limit: 80 characters.
Name string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Corresponds to API Name in the user interface. Limit: 80 characters.
NamespacePrefix string The namespace prefix for a permission set that's been installed as part of a managed package. If the permission set isn't packaged or is part of an unmanaged package, this value is empty.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
Type string Permission Set Type.
CreatedDate number The time when the PermissionSet.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
PermissionSetGroupId string If the permission set is owned by a permission set group, this field returns the ID of the permission set group. If the permission set isn't owned by a permission set group, this field returns a null value.
PermissionSetId string PermissionSet Unique Identifier of PermissionSet
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
AssigneeId string User ID of the User to assign the permission set specified in PermissionSetId.
ExpirationDate number The date that the assignment of the permission set expires for the specified user.
Id string The unique identifier of PermissionSetAssignment.
IsActive boolean Indicates whether the permission set assignment is active (true) or not (false). Defaults to false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableEventBusEncryption boolean Indicates whether events are encrypted at rest in the event bus (true) or not (false). The events include change data capture events and platform events. The default value is false. If false, events aren't encrypted and are stored in clear text in the event bus.
enableEncryptFieldHistory boolean Indicates whether the background encryption process applies the customer's active key material to field history and feed tracking values (true) or not (false). The default value is false. If false, background encryption processes apply active key material to all encrypted data except duplicates of that data stored in field history or feed tracking.
isMEKForEncryptionRequired boolean Indicates whether encryption policy tasks, such as enabling encryption on fields, also require the Manage Encryption Keys permission (true) or not (false), in addition to those tasks' baseline permissions.
canEncryptManagedPackageFields boolean Indicates whether users can enable encryption on custom fields in installed managed packages (true) or not (false).
enableDeterministEncryption boolean Indicates whether customers apply the deterministic encryption scheme to supported fields (true) or not (false). The deterministic encryption scheme lets customers filter on encrypted data.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
LastModifiedDate number The time when the Profile was last modified by a user
Permissions list<object> One field for each permission. The number of fields varies depending on the permissions for the organization and license type.
 PermissionName string The name of the Permission.
 isEnabled boolean If true, users assigned to this permission set have the named permission.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
UserType string The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles.
Description string A description of the Profile.
Name string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your organization. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. Corresponds to API Name in the user interface. Limit: 80 characters.
loginIpRanges list<object> A list of IP address ranges from which users can log in to the organization. Each range includes a start and end IP address.
 endAddress string The ending IP address of the allowed range.
 description string Use this field to identify the purpose of the range, such as which part of a network corresponds to this range.
 startAddress string The starting IP address of the allowed range.
CreatedDate number The time when the Profile was created.
LastModifiedById string User The unique identifier (id) for the User who modified the Profile.
UserLicenseId string ID of the UserLicense associated with this profile..
userLicense string The name of the user license associated with this profile. This determines the baseline permissions for users assigned to this profile.
LastReferencedDate number The timestamp for when the current user last viewed a record related to this profile.
LastViewedDate number The timestamp for when the current user last viewed this profile.
custom boolean Indicates whether this is a custom profile (true) or a standard profile (false).
CreatedById string User The unique identifier (id) for the User who created the Profile.
Id string The unique identifier of Profile.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
minimumPasswordLength number The minimum number of characters required for passwords.
obscure boolean Indicates whether the password hint answer is obscured.
passwordComplexity number The complexity requirement for passwords. Values range from 0 (no restriction) to 3 (highly complex).
passwordExpiration number The number of days after which passwords expire.
passwordQuestion number The password question requirement. Values indicate if a question is required for password resets.
id string The unique identifier for this profile password policy.
profile string The profile this password policy applies to.
lockoutInterval number The number of minutes a user is locked out after exceeding the maximum login attempts.
minimumPasswordLifetime boolean Indicates whether a minimum password lifetime is enforced before users can change their password.
passwordHistory number The number of previous passwords that cannot be reused.
fullName string The developer name of the profile password policy.
forgotPasswordRedirect boolean Indicates whether users are redirected to an external page when they click Forgot Password.
maxLoginAttempts number The maximum number of failed login attempts before the user is locked out.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
RealTimeEvents list<object> A list of Real-Time Event entities
 entityName string The name of the storage or streaming entity to be modified. For example, ApiEvent or ApiEventStream.
 isEnabled boolean Indicates whether to enable storage or streaming capability.
StreamingApiConcurrentClients object The number of Concurrent CometD clients (subscribers) across all channels and for all event types
 Max number The maximum number of Concurrent CometD clients (subscribers) across all channels and for all event types
 Remaining number The remaining number of Concurrent CometD clients (subscribers) across all channels and for all event types that can subscribe
ATTRIBUTE TYPE REFERS TO DESCRIPTION
disableProtocolSecurity boolean Indicates whether code within Salesforce can access the remote site regardless of whether the user's connection is over HTTP or HTTPS (true) or not (false). When true, code within Salesforce can pass data from an HTTPS session to an HTTP session, and vice versa.
fullName string The name can only contain characters, letters, and the underscore (_) character, must start with a letter, and cannot end with an underscore or contain two consecutive underscore characters.
isActive boolean Indicates if the remote site setting is active (true) or not (false).
url string The URL for the remote site.
description string The description explaining what this remote site setting is used for.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
salesforceLoginUrl string The Salesforce login URL.
attributeName string The name of the attribute in the SAML assertion.
identityLocation string The location of the user identity in the SAML assertion. Valid values are SubjectNameId or Attribute.
samlVersion string The SAML version. Valid values are SAML1_1 or SAML2_0.
singleLogoutUrl string The URL for single logout.
useSameDigestAlgoForSigning boolean Indicates if the same digest algorithm is used for signing.
validationCert string The certificate used to validate the identity provider's signature.
logoutUrl string The URL to redirect users after they log out from Salesforce.
fullName string The developer name of the SAML SSO configuration.
name string The name of the SAML SSO configuration.
decryptionCertificate string The certificate used to decrypt encrypted SAML assertions.
samlEntityId string The Entity ID for the service provider.
samlJitHandlerId string The ID of the Apex class that implements the SAML JIT handler.
singleLogoutBinding string The binding used for single logout. Valid values are RedirectBinding or PostBinding.
userProvisioning boolean Indicates if just-in-time user provisioning is enabled.
issuer string The unique identifier that identifies the identity provider to Salesforce.
redirectBinding boolean Indicates if HTTP Redirect binding is used instead of HTTP POST binding for SAML requests.
requestSignatureMethod string The signature method used to sign SAML requests.
requestSigningCertId string The ID of the certificate used to sign SAML requests.
useConfigRequestMethod boolean Indicates if the configured request method is used.
loginUrl string The URL where Salesforce sends a SAML request to start the login process.
oauthTokenEndpoint string For SAML 2.0 only: The ACS URL used with enabling Salesforce as an identity provider in the web single sign-on OAuth assertion flow.
id string The unique identifier for this SAML SSO configuration.
attributeNameIdFormat string The format of the attribute in the SAML assertion.
errorUrl string The URL to redirect users when an error occurs during SSO authentication.
executionUserId string The user ID to use when running Apex handlers.
identityMapping string The field used to identify the user. Valid values are FederationId, Username, or UserId.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableSOSLOnCustomSettings boolean Indicates whether custom settings values are returned in Salesforce Object Search language (SOSL) queries (true) or not (false). This field has a default value of false.
enableAdvancedCMTSecurity boolean Indicates whether custom metadata type values are available only to Apex, flow, and formula operations (true) or exposed in other contexts such as through the Enterprise WSDL or SOAP API (false). This field has a default value of false.
enableAdvancedCSSecurity boolean Indicates whether custom settings type values are available only to Apex, flow, and formula operations (true) or exposed in other contexts such as through the Enterprise WSDL or SOAP API (false). This field has a default value of false.
enableListCustomSettingCreation boolean Indicates whether you can create custom settings when using application-level data definitions (true) or not (false). This field has a default value of false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableAdminLoginAsAnyUser boolean If true, the "Administrator Can Log in as Any User" field is enabled
enableAuraSecureEvalPref boolean If true, this setting prevents the creation of function expressions in dynamically created Aura components. The default is false. This field is available in API version 47.0 and later.
enablePermissionsPolicy boolean Indicates whether the pages that Salesforce serves for this org include the Permissions-Policy HTTP header. This HTTP header controls access to browser features such as cameras and microphones. When this field is false, access to the browser features is always permitted. The default value is false
sendCspForUncommonClients boolean In rare cases, Salesforce can't identify whether the requesting app or specialized browser supports the Content-Security-Policy: frame-ancestors HTTP header directive. In those cases, this field indicates whether that directive is included in (true) or omitted from (false) the HTTP response header for pages that Salesforce serves for this org. The default value is false. When sendCspForUncommonClients is true, users who access Salesforce via an app or browser that doesn't support the Content-Security-Policy: frame-ancestors HTTP header directive can experience errors if that lack of support is unclear.
canUsersGrantLoginAccess boolean If true, users can grant login access to Support. If false, only an admin can grant login access.
enableAuditFieldsInactiveOwner boolean If true, this setting enables audit fields and updating the owner for records that are owned by inactive users. The default value is false. This field is available in API version 47.0 and later.
enforceUserDeviceRevoked boolean If enabled, and a UserDevice's status is set to revoked, that device can't log in from a Salesforce app. Logins from browsers aren't affected. This field is available in API version 50.0 and later.
enableCoepHeader boolean Indicates whether the Cross-Origin Embedder Policy (COEP) response header is applied to this org's custom Visualforce pages (true) or not (false). If true, externally sourced embedded content loads only when the external origin allows it via CORS or CORP. The default value is false.
enableCoopHeader boolean Indicates whether the Cross-Origin Opener Policy (COOP) response header is applied to this org's custom Visualforce pages (true) or not (false). If true, each custom Visualforce page opens in a new browsing context group. The default value is false.
enableCrossOrgRedirects boolean Indicates whether redirections to other Salesforce orgs are allowed (true) or blocked (false). In orgs that got Winter '24 before October 2023, the default value is false. In all other orgs, the default value is true. This setting applies to user redirections via a direct link, a post-action URL, or a post-login URL in Salesforce. An example of a direct link is <a href='https://www.example.com'>example.com</a>. Post-action URLs and post-login URLs use a protected URL redirect parameter, such as retURL, startURL, saveURL, cancelURL, and targetURL. Subsequent redirections can't be verified because they occur outside Salesforce. When this field is set to true, no warning is displayed to the user upon redirection to another Salesforce org. For better security, add the URLs for the Salesforce orgs that you own to RedirectWhitelistUrl and set this field to true.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
forceLogoutOnSessionTimeout boolean If enabled (true), the default, when sessions time out for inactive users, current sessions become invalid. The browser refreshes and returns to the login page. To access the organization, the user must log in again.
redirectionWarning boolean Indicates whether users see an alert when they click a link in a web tab that redirects them outside the saleforce.com domain. Available in API version 42.0 and later.
referrerPolicy boolean Indicates whether the referer header hides sensitive information that could be present in the full URL. If true, then the referer header displays only salesforce.com. If false, then the header displays the entire URL. For a Visualforce user, if referrerPolicy is set to true, then the referer header displays only force.com. If false, then the header displays the entire URL. Available in API version 42.0 and later.
lockerServiceNextControl boolean Reserved for internal use
enforceUserDeviceRevoked boolean If enabled, and a UserDevice's status is set to revoked, that device can't log in from a Salesforce app. Logins from browsers aren't affected. This field is available in API version 50.0 and later.
sessionTimeout string The length of time after which users without activity are prompted to log out or continue working. Valid values are FifteenMinutes, ThirtyMinutes, SixtyMinutes, TwoHours, FourHours, EightHours, TwelveHours
forceRelogin boolean If true, an admin who is logged in as another user must log in again to their original session, after logging out as the secondary user. If false, the admin isn't required to log in again.
allowUserAuthenticationByCertificate boolean If enabled (true), users can authenticate with a PEM-encoded X.509 digital certificate. Not enabled by default. Available in API version 47.0 and later.
enableCSRFOnPost boolean Indicates whether Cross-Site Request Forgery (CSRF) protection on POST requests on non-setup pages is enabled (true) or disabled (false).
enableClickjackNonsetupSFDC boolean Indicates whether clickjack protection for non-setup Salesforce pages is enabled (true) or disabled (false).
enableContentSniffingProtection boolean Indicates if the browser is prevented from inferring the MIME type from the document content and from executing malicious files (JavaScript, Stylesheet) as dynamic content. This field is available in API version 39.0 and later.
enableOauthCorsPolicy boolean If set to true, enables Cross-Origin Resource Sharing (CORS) for these OAuth endpoints: /services/oauth2/token /services/oauth2/revoke /services/oauth2/introspect Default setting is false. Available in API version 50.0 and later.
enablePostForSessions boolean Indicates whether cross-domain session information is exchanged using a POST request instead of a GET request, such as when a user is using a Visualforce page. In this context, POST requests are more secure than GET requests. Available in API version 31.0 and later.
identityConfirmationOnTwoFactorRegistrationEnabled boolean Indicates if users are required to confirm their identities when adding a verification method such as Salesforce Authenticator for multi-factor authentication (MFA), instead of requiring a re-login. (Multi-factor authentication was formerly called two-factor authentication.) This field is available in API version 40.0 and later.
canConfirmIdentityBySmsOnly boolean Prevents identity verification by email for users who have registered other verification methods, such as SMS or Salesforce Authenticator. If no other verification methods are configured, users are verified by email. By default, this setting is disabled (false) for existing orgs. For new orgs, this setting is enabled (true) by default. Available in API version 48.0 and later.
lockSessionsToIp boolean Indicates whether user sessions are locked to the IP address from which the user logged in (true) or not (false).
allowUserCertBasedAuthenticationWithOcspValidation boolean If enabled (true), authentication certificates are validated using the Online Certificate Status Protocol (OCSP) or a Certificate Revocation List (CRL).
enableBuiltInAuthenticator boolean Indicates whether users can verify their identity with a built-in authenticator that's already on their device (true), such as Touch ID or Windows Hello, or not (false). The default value is false
identityConfirmationOnEmailChange boolean Indicates if a user's identity is confirmed when changing their email address, instead of requiring a re-login. This field is available in API version 42.0 and later.
lockSessionsToDomain boolean Indicates whether the current UI session for a user is associated with a specific domain. This check helps prevent unauthorized use of the session ID in another domain. The value is true by default for orgs created with the Spring '15 release or later. Available in API version 33.0 and later.
enableCSRFOnGet boolean Indicates whether Cross-Site Request Forgery (CSRF) protection on GET requests on non-setup pages is enabled (true) or disabled (false).
enableLightningLoginOnlyWithUserPerm boolean If enabled (true), only users with the Lightning Login User permission can log in with Salesforce Authenticator instead of a password. Available in API version 47.0 and later.
enforceIpRangesEveryRequest boolean If true, the IP addresses in Login IP Ranges are enforced when a user accesses Salesforce (on every page request), including access from a client app. If false, the IP addresses in Login IP Ranges are enforced only when a user logs in. This field affects all user profiles that have login IP restrictions. Available in API version 34.0 and later.
requireHttpOnly boolean Sets the HttpOnly attribute on session cookies, making them inaccessible via JavaScript. If true, session ID cookie access is restricted.
redirectBlockModeEnabled boolean If true, users can't access untrusted URLs outside the salesforce.com domain via links in a web tab. When a user clicks the link, a message informs the user that they can't access the page because the external site isn't trusted. The default is false.
enableMFADirectUILoginOptIn boolean Requires all users in your Salesforce org to provide an additional verification method when logging in directly to the UI with their username and password. Users who are already enabled via the Multi-Factor Authentication for User Interface Logins user permission experience no change. The Waive Multi-Factor Authentication for Exempt Users user permission overrides this setting.
lockerServiceNext boolean If true, Lightning Web Security is used instead of Lightning Locker to protect Lightning web components. Lightning Locker continues to protect Aura components. If false, Lightning Locker protects Lightning web components and Aura components.
enableCacheAndAutocomplete boolean Indicates whether the user's browser is allowed to store usernames and auto-fill the User Name field on the login page (true) or not (false).
enableClickjackNonsetupUser boolean Indicates whether clickjack protection for customer Visualforce pages with standard headers turned on is enabled (true) or disabled (false).
referrerPolicyDirective string The HTTP referrer policy directive for pages served by Salesforce. The default is origin-when-cross-origin. If referrerPolicy is false, this value has no effect. Valid values are: origin-when-cross-origin, no-referrer, no-referrer-when-downgrade, origin, same-origin, strict-origin, strict-origin-when-cross-origin, and unsafe-url
sidToken3rdPartyAuraApp boolean If true, a Lightning app replaces the authentication cookie with a session token when the Lightning app is in a third-party context, such as Lightning Out. Browsers are restricting the use of third-party cookies. This org setting is an alternative for the authentication cookie to requiring that users disable browser settings, such as Safari's Prevent cross-site tracking setting
useLocalStorageForLogoutUrl boolean Redirects all expired tabs in your browser to your custom logout URL (true). By default, this option is enabled for all new orgs and is available in API version 52.0 and later. For orgs created prior to the Summer '21 release, the default setting is false.
FileUploadAndDownloadSecurityRules list<object> A list of rules representing the security settings for uploading and downloading files.
 dispositions string Represents the metadata used to manage file type behavior.
 noHtmlUploadAsAttachment boolean Indicates whether to allow HTML uploads as attachments or document records.
disableTimeoutWarning boolean Indicates whether the session timeout warning popup is disabled (true) or enabled (false).
enableCSPOnEmail boolean Indicates whether a content security policy is enabled for the email template. A content security policy helps prevent cross-site scripting attacks by listing allowed sources of images and other content.
enableClickjackNonsetupUserHeaderless boolean Indicates whether clickjack protection for customer Visualforce pages with standard headers turned off is enabled (true) or disabled (false).
enableLightningLogin boolean If enabled (true), users can use Lightning Login (Salesforce Authenticator) to log in instead of a password. Available in API Version 47.0 and later.
enableU2F boolean If enabled (true), users can use a physical U2F-compatible security key for multi-factor authentication (MFA) and identity verification. The default is false. Available in API version 47.0 and later.
hasRetainedLoginHints boolean If you enable 'Remember me until logout' (true), usernames (login hints) are cached until the user logs out. If a session times out, usernames appear on the Switcher as inactive. If false (default), usernames aren't cached for SSO sessions.
lockerServiceCSP boolean If true, a stricter Content Security Policy is enabled to disallow the unsafe-inline source for the script-src CSP directive. Script tags can't be used to load JavaScript, and event handlers can't use inline JavaScript. Lightning Locker and Lightning Web Security depend on this setting to be enabled to protect Lightning components.
canConfirmEmailChangeInLightningCommunities boolean When users change their email address, they receive an email at the new address with a link. After they click the link, their new email address takes effect.
enableClickjackSetup boolean Indicates whether clickjack protection for setup pages is enabled (true) or disabled (false).
enableSMSIdentity boolean If enabled (true), the default, users can receive a one-time password in a text message (SMS) to verify their identity. Users must verify their mobile phone number before they can receive SMS messages.
hasUserSwitching boolean If 'Enable user switching' is true (default), users can log in to other orgs by selecting their profile picture and using the Switcher. You must also enable the 'Enable caching and autocomplete on login page' setting. If false, the Switcher isn't enabled and your org doesn't appear in Switchers on other orgs.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableStandardReportVisibility boolean Indicates whether users can view reports based on standard report types that may expose data of users to whom they don't have access (true) or not (false). This field has a default value of false.
enableSecureGuestAccess boolean When true, guest users have organization-wide defaults set to Private. To share records with them, guest user sharing rules must be used.
enableAccountRoleOptimization boolean Indicates whether person roles are assigned to new site users in accounts without existing users (true) or if regular site roles are created for new users (false). This field has a default value of false.
enableAssetSharing boolean Indicates whether sharing is enabled for assets (true) or asset access is determined by the parent object's sharing rules (false). This field has a default value of false.
enableManagerGroups boolean Indicates whether users can share records with their managers and manager subordinates groups (true) or not (false). This field has a default value of false. To use this field, you need the 'View and Manage Users' permission.
enableRemoveTMGroupMembership boolean Removes group membership info for the original territory management feature after migrating to Enterprise Territory Management when set to true. This field has a default value of false. Once this field is set to true, it can't be set to false again.
enableTerritoryForecastManager boolean Indicates whether forecast managers can act as delegated administrators for territories below them in the hierarchy (true) or not (false). This field has a default value of false.
deferGroupMembership boolean Indicates whether group membership calculations are suspended (true) or not (false). This field has a default value of false. This field is available in API version 49.0 and later.
deferSharingRules boolean Indicates whether sharing rule calculations are suspended (true) or not (false). This field has a default value of false. This field is available in API version 49.0 and later.
enableCommunityUserVisibility boolean Indicates whether site users in the same site can see each other regardless of the organization-wide defaults (true) or not (false). This field has a default value of false. In orgs created in API version 47.0 and later, this setting doesn't apply to guest users.
enableManualUserRecordSharing boolean Indicates whether users can share their own user record (true) or not (false). This field has a default value of false.
enablePartnerSuperUserAccess boolean Indicates whether you can grant super user access to partners in sites (true) or not (false). This field has a default value of false. To use this field, you need the 'Customize Application' permission.
enablePortalUserVisibility boolean Indicates whether portal users in the same customer or partner portal account can see each other regardless of the organization-wide defaults (true) or not (false). This field has a default value of false. To enable this field, contact Salesforce Support.
enableRestrictAccessLookupRecords boolean Indicates whether users must have read access to a record to see the record's name in lookup and system fields (true) or not (false). This field has a default value of true in Salesforce orgs created in Spring '20 or later and a default value of false in all other orgs. This field is available in API version 48.0 and later.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableSamlLogin boolean If you enable 'SAML Enabled' (true), users can SSO into Salesforce from providers via SAML. The default isn't enabled (false).
enableMultipleSamlConfigs boolean If true (default), you can configure multiple SAML providers. After enabling the setting, it can't be disabled.
enableSamlJitProvisioning boolean If you enable User Provisioning Enabled (true), you can provision users through a SAML assertion (called just-in-time provisioning). Requires EnableSamlLogin to be true and enableMultipleSamlConfigs to be false. The default is enabled (false).
enableForceDelegatedCallout boolean If you enable Force Delegated Authentication Callout (true), a callout to the SSO endpoint occurs regardless of login restriction failures. If disabled (false), the default, and if a user's first login attempt fails due to login restrictions within the Salesforce org, a call isn't made to the SSO endpoint.
enableCaseInsensitiveFederationID boolean If you enable Make Federation ID case-insensitive (true), the Federation ID field on a user object isn't case-sensitive. If disabled (false), the Federation ID field remains case-sensitive. The default is false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
enableProxyLoginICHeader boolean Indicates whether security tokens for API logins from callouts (in API version 31.0 and earlier) are required (true) or not (false). The default value is true.
enableTopicsInSites boolean Indicates whether guest and authenticated external users can view topics in Salesforce Sites and Salesforce portals (true) or not (false). The default value is false.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
UserPreferencesReceiveNotificationsAsDelegatedApprover boolean Controls email notifications from the approval process for delegated approvers. If true, emails are enabled. If false, emails are disabled. The default value is false.
ForecastEnabled boolean Indicates whether the user is enabled as a forecast manager (true) or not (false). Forecast managers see forecast rollups from users below them in the forecast hierarchy.
MobilePhone string The user's mobile device number.
UserPermissionsJigsawProspectingUser boolean Indicates whether the user is allocated one Data.com user license (true) or not (false). The Data.com user license lets the user add Data.com contact and lead records to Salesforce in supported editions. Label is Data.com User.
UserPermissionsSiteforceContributorUser boolean Indicates whether the user is allocated one Site.com Contributor feature license (true) or not (false). Label is Site.com Contributor User. The Site.com Contributor feature license grants the user access to the Site.com application. Users with a Contributor license can use Site.com Studio to edit site content only.
UserPreferencesDisableFileShareNotificationsForApi boolean When false, email notifications are sent from the person who shared the file to the users that the file is shared with.
UserPreferencesHideS1BrowserUI boolean Controls the interface that the user sees when logging in to Salesforce from a supported mobile browser. If false, the user is automatically redirected to the Salesforce mobile web. If true, the user sees the full Salesforce site. The default value is false. Label is Salesforce User.
UserPreferencesPathAssistantCollapsed boolean When true, Sales Path appears collapsed or hidden to the user.
UserPreferencesShowManagerToExternalUsers boolean Indicates the visibility of the manager field in the user's contact information. Manager is visible only to internal members of the user's organization when this field is false. Manager is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
LanguageLocaleKey string The user's language, such as French or Chinese (Traditional). Label is Language.
Division string The division associated with this user, similar to Department, and unrelated to DefaultDivision.
Fax string The user's fax number.
UserPreferencesContentNoEmail boolean When false, a user with Salesforce CRM Content subscriptions receives email notifications if activity occurs on the subscribed content, libraries, tags, or authors. To receive real-time email alerts, set this field to false and set the UserPreferencesContentEmailAsAndWhen field to true. The default value is false.
UserPreferencesEnableAutoSubForFeeds boolean When true, the user automatically subscribes to feeds for any objects that the user creates.
UserPreferencesDisMentionsCommentEmail boolean When false, the user automatically receives email every time the user is mentioned in comments.
UserPreferencesReceiveNoNotificationsAsApprover boolean Controls email notifications from the approval process for approvers. If true, emails are disabled. If false, emails are enabled. The default value is false.
UserPreferencesShowPostalCodeToExternalUsers boolean Indicates the visibility of the postal or ZIP code field in the user's contact information. Postal code is visible only to internal members of the user's organization when this field is false. Postal code is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowPostalCodeToGuestUsers is true, which overrides this field's value External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
LastReferencedDate number The timestamp for when the current user last viewed a record related to this record.
Alias string The user's alias. For example, jsmith.
Extension string The user's phone extension number.
MiddleName string The user's middle name.
UserPermissionsKnowledgeUser boolean Indicates whether the user is enabled to use Salesforce Knowledge (true) or not (false). Label is Knowledge User.
UserPreferencesDisableEndorsementEmail boolean When false, the member automatically receives email every time someone endorses them for a topic.
UserPreferencesReminderSoundOff boolean When true, a sound automatically plays when an activity reminder is due. Corresponds to the Play a reminder sound checkbox on the Reminders page in the user interface.
UserPreferencesShowProfilePicToGuestUsers boolean Indicates the visibility of the user's profile photo. When true, the photo is visible to guest users in an Experience Cloud site. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When false, this field returns the stock photo. The default value is false.
MediumBannerPhotoUrl string The URL for the medium-sized user profile banner photo.
CompanyName string The name of the user's company.
ReceivesAdminInfoEmails boolean Indicates whether the user receives email for administrators from Salesforce (true) or not (false).
StateCode string The ISO state code associated with the user.
UserPermissionsChatterAnswersUser boolean Indicates whether the portal user is enabled to use the Chatter Answers feature (true) or not (false). This field defaults to false when a Customer Portal user is created from the API.
UserPreferencesDisableLaterCommentEmail boolean When false, the user automatically receives email every time someone comments on a feed item after the user has commented on the feed item.
UserPreferencesDisableMentionsPostEmail boolean When false, the user automatically receives email every time they're mentioned in posts.
UserPreferencesShowTitleToExternalUsers boolean Indicates the visibility of the business title field in the user's contact information. Title is visible only to internal members of the user's organization when this field is false. Title is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowTitleToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is true.
UserPreferencesShowWorkPhoneToGuestUsers boolean Indicates the visibility of the work phone field in the user's contact information. When true, the work phone field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowWorkPhoneToExternalUsers, making the user's work phone visible to guests. The default value is false.
JigsawImportLimitOverride number The Data.com user's monthly addition limit. The value must be between zero and the organization's monthly addition limit. Label is Data.com Monthly Addition Limit.
LastLoginDate number The date and time when the user last successfully logged in. This value is updated if 60 seconds elapses since the user's last login.
Street string The street address associated with the User.
UserPreferencesShowCountryToExternalUsers boolean Indicates the visibility of the country field in the user's contact information. Country is visible only to internal members of the user's organization when this field is false. Country is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowCountryToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
UserPreferencesSortFeedByComment boolean Specifies the data value used in sorting a user's feed. When true, the feed is sorted by most recent comment activity. When false, the feed is sorted by post date.
UserPreferencesSuppressTaskSFXReminders boolean When true, task reminders don't appear. Corresponds to the Show task reminders in Lightning Experience. checkbox on the Activity Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
UserType string The category of user license. Each UserType is associated with one or more UserLicense records. Each UserLicense is associated with one or more profiles. The valid values are "Standard" (user license. This user type also includes Salesforce Platform and Salesforce Platform One user licenses. Label is Standard), "PowerPartner" (User whose access is limited because they're a partner and typically access the application through a partner portal or Experience Cloud site. Label is Partner), "CSPLitePortal" (user whose access is limited because they're an org's customer and access the application through a Customer Portal or Experience Cloud site. Label is High Volume Portal), "CustomerSuccess" (user whose access is limited because they're an org's customer and access the application through a Customer Portal. Label is Customer Portal User.), "PowerCustomerSuccess" (user whose access is limited because they're an org's customer and access the application through a Customer Portal. Label is Customer Portal Manager). Users with this license type can view and edit data they directly own or data owned by or shared with users below them in the Customer Portal role hierarchy: "CsnOnly" (user whose access to the application is limited to Chatter. This user type includes Chatter Free and Chatter moderator users. Label is Chatter Free), "Guest" (user whose access is limited because they're an unauthenticated user without login credentials. Label is Guest)
EmailEncodingKey string The email encoding for the user, such as ISO-8859-1 or UTF-8.
NumberOfFailedLogins number The number of failed login attempts for the user's account. When the maximum number of failed login attempts is reached, the counter resets and the user's account is locked. If there's a successful login before the maximum number of failed login attempts is reached, the counter resets and the user's account remains unlocked.
Suffix string The user's name suffix.
UserPreferencesHideCSNGetChatterMobileTask boolean When true, the Chatter recommendations panel never displays the recommendation to install Chatter Mobile.
UserPreferencesShowStateToExternalUsers boolean Indicates the visibility of the state field in the user's contact information. State is visible only to internal members of the user's organization when this field is false. State is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowStateToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
Email string The user's email address.
UserPermissionsOfflineUser boolean Indicates whether the user is enabled to use Offline Edition (true) or not (false). Label is Offline User.
LastName string The user's last name.
UserPermissionsSiteforcePublisherUser boolean Indicates whether the user is allocated one Site.com Publisher feature license (true) or not (false). Label is Site.com Publisher User. The Site.com Publisher feature license grants the user access to the Site.com application. Users with a Publisher license can build and style websites, control the layout and functionality of pages and page elements, and add and edit content.
UserPreferencesHideChatterOnboardingSplash boolean When true, the initial Chatter onboarding prompts don't appear.
UserPreferencesShowEmailToGuestUsers boolean Indicates the visibility of the email address field in the user's contact information. When true, the email address is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowEmailToExternalUsers, making the user's email address visible to guests. The default value is false.
UserPreferencesShowStreetAddressToGuestUsers boolean Indicates the visibility of the street address field in the user's contact information. When true, the street address field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowStreetAddressToExternalUsers, making the user's street address visible to guests. The default value is false.
UserPreferencesTaskRemindersCheckboxDefault boolean When true, a reminder popup is automatically set on the user's tasks. Corresponds to the By default, set reminder on Tasks to... checkbox on the Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
AboutMe string Information about the user, such as areas of interest or skills. This field is available even if Chatter is disabled.
Department string The company department associated with the user.
IsActive boolean Indicates whether the user has access to log in (true) or not (false). You can modify a User's active status from the user interface or via the API.
UserPreferencesContentEmailAsAndWhen boolean When false, a user with Salesforce CRM Content subscriptions receives a once-daily email summary if activity occurs on the subscribed content, libraries, tags, or authors. To receive email, the UserPreferencesContentNoEmail field must also be false. The default value is false.
FirstName string The user's first name.
IsPortalEnabled boolean Indicates whether an active, external, user has access to Experience Cloud sites or portals (true) or not (false). This field is only available if one of these conditions is true: Digital experiences is enabled and you have community or portal user licenses, Portals are enabled.
UserPermissionsSupportUser boolean When true, the user can use the Salesforce console.
UserPreferencesJigsawListUser boolean When true, the user is a Data.com List user so shares record additions from a pool. UserPermissionsJigsawProspectingUser must also be set to true. Label is Data.com List User.
UserPreferencesShowStateToGuestUsers boolean Indicates the visibility of the state field in the user's contact information. When true, state is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site.When true, this field overrides the value false in UserPreferencesShowStateToExternalUsers, making the user's state visible to external members. The default value is false.
BadgeText string The Experience Cloud site role, displayed on the user profile page just below the user name.
BannerPhotoUrl string The URL for the user's banner photo. This field is available in API version 36.0 and later.
OfflineTrialExpirationDate number The date and time when the user's Connect Offline trial expires.
UserPreferencesDisableBookmarkEmail boolean When false, the user automatically receives email every time someone comments on a Chatter feed item after the user has bookmarked it.
UserPreferencesDisableProfilePostEmail boolean When false, the user automatically receives email every time someone posts to the user's profile.
UserRoleId string UserRole ID of the user's UserRole. Label is Role ID.
CurrentStatus string Text that describes what the user is working on.
UserPreferencesHideLightningMigrationModal boolean Reserved for future use.
UserPreferencesUserDebugModePref boolean When true, the Lightning Component framework executes in debug mode for the user. Corresponds to the Debug Mode checkbox on the Advanced User Details page of personal settings in the user interface.
EmailPreferencesAutoBcc boolean Determines whether the user receives copies of sent emails. This option applies only if compliance BCC emails aren't enabled.
UserPreferencesDisableChangeCommentEmail boolean When false, the user automatically receives email every time someone comments on a change the user has made, such as an update to their profile.
UserPreferencesDisableFollowersEmail boolean When false, the user automatically receives email every time someone starts following the user in Chatter.
UserPreferencesShowCountryToGuestUsers boolean Indicates the visibility of the country field in the user's contact information. When true, country is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowCountryToExternalUsers, making the user's country visible to external members. The default value is false.
UserPreferencesShowMobilePhoneToGuestUsers boolean Indicates the visibility of the mobile phone field in the user's contact information. When true, the mobile phone field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowMobilePhoneToExternalUsers, making the user's mobile phone visible to guests. The default value is false.
FullPhotoUrl string The URL for the user's profile photo. This field is available even if Chatter is disabled. The URL is updated every time a photo is uploaded and reflects the most recent photo. If a newer photo is uploaded, the URL returned for an older photo isn't guaranteed to return a photo. Query this field for the URL of the most recent photo.
SenderName string The name used as the email sender when the user sends emails. This name is the same value shown in Setup on the My Email Settings page.
UserPermissionsCallCenterAutoLogin boolean Required if Salesforce CRM Call Center is enabled. Indicates whether the user is enabled to use the auto login feature of the call center (true) or not (false).
UserPermissionsMarketingUser boolean Indicates whether the user is enabled to manage campaigns in the user interface (true) or not (false). Label is Marketing User.
ContactId string ID of the Contact associated with this account. The contact must have a value in the AccountId field or an error occurs.
GeocodeAccuracy string The level of accuracy of a location's geographical coordinates compared with its physical address. A geocoding service typically provides this value based on the address's latitude and longitude coordinates.
PostalCode string The user's postal or ZIP code. Label is Zip/Postal Code.
SenderEmail string The email address used as the From address when the user sends emails. This address is the same value shown in Setup on the My Email Settings page.
State string The state associated with the User.
UserPreferencesDisableWorkEmail boolean When false, the user receives emails related to WDC feedback, goals, and coaching. The user must also sign up for individual emails listed on the WDC email settings page. When true, the user doesn't receive any emails related to WDC feedback, goals, or coaching even if they're signed up for individual emails.
UserPreferencesShowWorkPhoneToExternalUsers boolean Indicates the visibility of the work phone number field in the user's contact information. The number is visible only to internal members of the user's organization when this field is false. The number is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses.The default value is false.
CountryCode string The ISO country code associated with the user.
Signature string The signature text added to emails. This text is the same value shown in Setup on the My Email Settings page.
UserPermissionsLiveAgentUser boolean Indicates whether the user is enabled to use Chat (true) or not (false). Label is Live Agent User.
UserPreferencesApexPagesDeveloperMode boolean When true, indicates that the user has enabled developer mode for editing Visualforce pages and controllers.
UserPreferencesDisableMessageEmail boolean When false, the user automatically receives email for Chatter messages sent to the user.
City string The city associated with the user.
EmployeeNumber string The user's employee number.
IsPortalSelfRegistered boolean Indicates whether the user is a Customer Portal user who self-registered for your organization's Customer Portal (true) or not (false).
UserPreferencesDisProfPostCommentEmail boolean When false, the user automatically receives email every time someone comments on posts on the user's profile.
ManagerId string User The Id of the user who manages this user.
DefaultGroupNotificationFrequency string The default frequency for sending the user's Chatter group email notifications when the user joins groups. The valid values are "P" (Email on every post), "D" (Daily digests), "W" (Weekly digests), "N" (Never). The default value is "N". For Professional, Enterprise, Unlimited, and Developer Edition organizations that existed before API version 22.0, the default value remains "D".
IsPartner boolean Indicates whether the user is a partner who has access to the partner portal (true) or not (false). This field isn't available for release 9.0 and later. Instead, use UserType with the value Partner or Power Partner.
SmallBannerPhotoUrl string The URL for the small user profile banner photo.
UserPreferencesDisableLikeEmail boolean When false, the user automatically receives email every time someone likes their post or comment.
UserPreferencesHideSecondChatterOnboardingSplash boolean When true, the secondary Chatter onboarding prompts don't appear.
UserPreferencesHideSfxWelcomeMat boolean Controls whether a user sees the Lightning Experience new user message. That message welcomes users to the new interface and provides step-by-step instructions that describe how to return to Salesforce Classic.
UserPreferencesShowStreetAddressToExternalUsers boolean Indicates the visibility of the street address field in the user's contact information. The address is visible only to internal members of the user's organization when this field is false. The address is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses.The default value is false.
LastModifiedById string User The unique identifier (id) for the User who modified the User recently.
SystemModstamp number The time when the User was last modified by a user or an automated process (such as a trigger)
ProfileId string Profile ID of the user's Profile. Use this value to cache metadata based on profile.
UserPermissionsInteractionUser boolean Indicates whether the user can run flows or not. Label is Flow User.
UserPreferencesDisableSharePostEmail boolean When false, the user automatically receives email every time their post is shared.
UserPreferencesDisCommentAfterLikeEmail boolean When false, the user automatically receives email every time someone comments on a post that the user liked. This field is available in API version 24.0 and later.
UserPreferencesShowCityToExternalUsers boolean Indicates the visibility of the city field in the user's contact information. City is visible only to internal members of the user's organization when this field is false. City is visible to external members in an Experience Cloud site when this field is true, or this field is false but UserPreferencesShowCityToGuestUsers is true, which overrides this field's value. External users are users with Community, Customer Portal, or partner portal licenses.
UserPreferencesShowPostalCodeToGuestUsers boolean Indicates the visibility of the postal or ZIP code field in the user's contact information. When true, postal code is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowPostalCodeToExternalUsers, making the user's postal code visible to external members. The default value is false.
Id string The unique identifier of User
Longitude number Used with Latitude to specify the geolocation of an address. Acceptable values are numbers between -180 and 180 up to 15 decimal places.
UserPermissionsWirelessUser boolean Required if the Wireless permission is enabled. Indicates whether the user is enabled to use Wireless Edition (true) or not (false). Label is Wireless User.
UserPreferencesHideCSNDesktopTask boolean When true, the Chatter recommendations panel never displays the recommendation to install Chatter Desktop.
UserPreferencesShowTitleToGuestUsers boolean Indicates the visibility of the business title field in the user's contact information. When true, title is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site.When true, this field overrides the value false in UserPreferencesShowTitleToExternalUsers, making the user's title visible to external members. The default value is false.
DefaultDivision string This record's default division. Only applicable if divisions are enabled.
LastViewedDate number The timestamp for when the current user last viewed this record. If this value is null, it's possible that this record was referenced (LastReferencedDate) but not viewed.
UserPreferencesDisableRewardEmail boolean When false, the user automatically receives emails related to WDC rewards. The user receives these emails when someone gives a reward to the user.
CommunityNickname string Name used to identify this user in the Experience Cloud site.
DelegatedApproverId string User Id of the user who is a delegated approver for this user.
DefaultCurrencyIsoCode string The user's default currency setting for new records. For example, if a user in France sets DefaultCurrencyIsoCode to euros, then that's their default currency. Only applicable for organizations that use multiple currencies.
Latitude number Used with Longitude to specify the geolocation of an address. Acceptable values are numbers between -90 and 90 up to 15 decimal places.
LocaleSidKey string This field is a restricted picklist field. The value of the field affects formatting and parsing of values, especially numeric values, in the user interface. It doesn't affect the API. The field values are named according to the language, and the country if necessary, using two-letter ISO codes. The set of names is based on the ISO standard. You can also manually set a user's locale in the user interface, and then use that value for inserting or updating other users via the API.
Name string Concatenation of FirstName and LastName.
UserPermissionsSFContentUser boolean Indicates whether the user is allocated one Salesforce CRM Content User License (true) or not (false). Label is Salesforce CRM Content User. The Salesforce CRM Content User license grants the user access to the Salesforce CRM Content application.
UserPreferencesActivityRemindersPopup boolean When true, a reminder window automatically opens when an activity reminder is due. Corresponds to the Trigger alert when reminder comes due checkbox at the Reminders page in the personal settings in the user interface.
UserPreferencesSuppressEventSFXReminders boolean When true, event reminders don't appear. Corresponds to the Show event reminders in Lightning Experience checkbox on the Activity Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
Address object Address of the user.
 City string The city detail for the address.
 Country string The country detail for the address.
 CountryCode string The ISO country code for the address.
 Latitude number Used with Longitude to specify the precise geolocation of the address.
 Longitude number Used with Latitude to specify the precise geolocation of the address.
 State string The state detail for the address.
 StateCode string The ISO state code for the address.
 Accuracy string Accuracy level of the geocode for the mailing address.
 PostalCode string The postal code for the address.
 Street string The street detail for the address.
CallCenterId string If Salesforce CRM Call Center is enabled, represents the call center that this user is assigned to.
ReceivesInfoEmails boolean Indicates whether the user receives informational email from Salesforce (true) or not (false).
Username string Contains the name that a user enters to log in to the API or the user interface. The value for this field must be in the form of an email address, using all lowercase characters. It must also be unique across all organizations. If you try to create or update a User with a duplicate value for this field, the operation is rejected.
UserPermissionsWorkDotComUserFeature boolean Indicates whether the WDC feature is enabled for the user (true) or not (false).
Title string The user's business title, such as Vice President.
UserPreferencesShowFaxToExternalUsers boolean Indicates the visibility of the fax number field in the user's contact information. Fax number is visible only to internal members of the user's organization when this field is false. Fax number is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. The default value is false.
UserPreferencesShowFaxToGuestUsers boolean Indicates the visibility of the fax number field in the user's contact information. When true, the fax number field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowFaxToExternalUsers, making the user's fax number visible to guests. The default value is false.
AccountId string ID of the Account associated with a Customer Portal user. This field is null for Salesforce users.
CreatedDate number The time when the User was created
Country string The country associated with the user.
IsPrmSuperUser boolean Available for partner portal users only. Indicates whether the user has super user access in the partner portal (true) or not (false).
UserPreferencesDisableFeedbackEmail boolean When false, the user automatically receives emails related to WDC feedback. The user receives these emails when someone requests or offers feedback, shares feedback with the user, or reminds the user to answer a feedback request.
UserPreferencesHideEndUserOnboardingAssistantModal boolean Reserved for future use.
UserPreferencesShowManagerToGuestUsers boolean Indicates the visibility of the manager field in the user's contact information. When true, the manager field is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowManagerToExternalUsers, making the user's manager visible to guests. The default value is false.
WirelessEmail string Wireless email address associated with this user. For use with Salesforce Wireless Edition. This field is available only if the Wireless and Email permissions are enabled for your organization.
FederationIdentifier string Indicates the value that must be listed in the Subject element of a Security Assertion Markup Language (SAML) IDP certificate to authenticate the user for a client application using single sign-on. This value must be specified if the SAML User ID Type is Assertion contains Federation ID from the User record. Otherwise, this field can't be edited.
IsProfilePhotoActive boolean Indicates whether a user has a profile photo (true) or not (false).
PortalRole string The role of the user in the Customer Portal (either "Executive", "Manager", "User", or "PersonAcount")
UserPreferencesDisableAllFeedsEmail boolean When false, the user automatically receives email for all updates to Chatter feeds, based on the types of feed emails and digests the user has enabled.
UserPreferencesShowCityToGuestUsers boolean Indicates the visibility of the city field in the user's contact information. When true, city is visible to guest users. Guest users can access public Site.com and Salesforce sites, and public pages in Experience Cloud sites, via the Guest User license associated with each site. When true, this field overrides the value false in UserPreferencesShowCityToExternalUsers, making the user's city visible to external members. The default value is false.
UserPreferencesShowEmailToExternalUsers boolean Indicates the visibility of the email address field in the user's contact information. Email address is visible only to internal members of the user's organization when this field is false. Email address is visible to external members in an Experience Cloud site when this field is true. External users are users with Community, Customer Portal, or partner portal licenses. When false, this field returns the value #N/A. The default value is false.
LastModifiedDate number The time when the User was last modified by a user
Phone string The user's phone number.
TimeZoneSidKey string This field is a restricted picklist field. A User time zone affects the offset used when displaying or entering times in the user interface. But the API doesn't use a User time zone when querying or setting values. Values for this field are named using region and key city, according to ISO standards. You can also manually set one User time zone in the user interface, and then use that value for creating or updating other User records via the API.
UserPreferencesLightningExperiencePreferred boolean When true, redirects the user to the Lightning Experience interface. Label is Switch to Lightning Experience.
UserPreferencesOptOutOfTouch boolean When false, the user automatically accesses the Salesforce Touch app when logging in to Salesforce from an iPad. If true, automatic access to the Salesforce Touch app is turned off and the user's iPad is directed to the full Salesforce site instead. The default value is false.
CreatedById string User The unique identifier (id) for the User who created the User.
DigestFrequency string The send frequency of the user's Chatter personal email digest. The valid values are: "D" (Daily), "W" (Weekly), "N" (Never). The default value is "D".
Manager string User lookup field used to select the user's manager. This field establishes a hierarchical relationship, preventing you from selecting a user that directly or indirectly reports to themselves.
SmallPhotoUrl string The URL for a thumbnail of the user's profile photo. This field is available even if Chatter is disabled. The URL is updated every time a photo is uploaded and reflects the most recent photo. If a newer photo is uploaded, the URL returned for an older photo isn't guaranteed to return a photo. Query this field for the URL of the most recent photo.
UserPreferencesEventRemindersCheckboxDefault boolean When true, a reminder popup is automatically set on the user's events. Corresponds to the By default, set reminder on Events to... checkbox on the Reminders page in the user interface. This field is related to UserPreference and customizing activity reminders.
UserPreferencesHideBiggerPhotoCallout boolean When true, users can choose to hide the callout text below the large profile photo.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
restrictedProfileCloning boolean When enabled (true), only permissions accessible to your org are enabled when you clone profiles. When disabled (false), all permissions currently enabled in the source profile are also enabled for the cloned profile, even if your org can't currently access them. This field is available in API version 50.0 and later.
enableContactlessExternalIdentityUsers boolean If true and your org has the External Identity license, you can create contactless users. Having users without contact information reduces the overhead of managing customers. Purchase the External Identity license to access the Customer 360 Identity product. The default is false. Available in API version 47.0 and later.
enableScrambleUserData boolean If you enable Let Users Scramble Their User Data (true), users can request that Salesforce remove all their personal data. Because Salesforce can't delete information, it scrambles their data. Scrambling a user's data is unrecoverable. So this org-wide setting serves as an extra precaution. If a user requests it, you scramble the data programmatically with the obfuscateUser Apex method. You can use the method, for example, in a custom Apex trigger, workflow, or the Developer Console. This field is available in API version 47.0 and later.
enableUserSelfDeactivate boolean If you enable User Self Deactivate (true), users can deactivate their Experience Cloud site or Chatter accounts.
enableEnhancedConcealPersonalInfo boolean Indicates if personal information fields in user records are hidden from external users (true) or not (false). When this field is set to true, you can choose which fields are classified as personal information and hidden on the User Management Settings Setup page. The default value is false. This field is available in API version 53.0 and later.
enableEnhancedPermsetMgmt boolean If you enable Enhanced Permission Set Component Views (true), you can work with permission sets more easily. For example, when you have large numbers of Apex class assignments for permission sets, you can enable a paginated result set, standard filtering, and sorting.
enableEnhancedProfileMgmt boolean If you enable Enhanced Profile Lists Views (true), you can quickly view, customize, and edit list data.
enableNewProfileUI boolean If you enable Enhanced Profile User Interface (true), you can use the streamlined, enhanced profile user interface to browse, search, and modify settings. You can use only one user interface at a time.
enableProfileFiltering boolean With profile filtering enabled (true), you can restrict who sees profile names to the users who require the access for their job roles. If profile filtering is disabled (false), users can see all profiles in a Salesforce org, regardless of which permissions they have.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
CreatedById string User The unique identifier (id) for the User who created the UserProvisioningConfig.
DeveloperName string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
Enabled boolean Indicates whether user provisioning is enabled for the associated connected app (true) or not (false).
NamedCredentialId string Salesforce ID of the named credential that's used for a request. The named credential identifies the third-party system and the third-party authentication settings.
NamespacePrefix string The namespace prefix that is associated with this object. Each Developer Edition org that creates a managed package has a unique namespace prefix. Limit: 15 characters. You can refer to a component in a managed package by using the namespacePrefix__componentName notation.
CreatedDate number The time when the UserProvisioningConfig was created
SystemModstamp number The time when the UserProvisioningConfig was last modified by a user or an automated process (such as a trigger)
MasterLabel string The primary label for this object. This value is the internal label that doesn't get translated.
LastModifiedById string User The unique identifier (id) for the User who modified the UserProvisioningConfig recently.
LastModifiedDate number The time when the UserProvisioningConfig was last modified by a user
approvalRequired string Denotes whether approvals are required for provisioning users for the associated connected app. If the value is null, no approval is required.
Notes string A utility field for administrators to add any additional information about the configuration. This field is for internal reference only, and is not used by any process.
ReconFilter string When collecting and analyzing users on a third-party system, the plug-in uses this filter to limit the scope of the collection.
Id string The unique identifier of UserProvisioningConfig.
ConnectedAppId string ConnectedApplication The 18-digit application ID for the connected app.
EnabledOperations string Lists the operations, as comma-separated values, that create a user provisioning request for the associated connected app. Allowed values are: Create, Update, EnableAndDisable (activation and deactivation), SuspendAndRestore (freeze and unfreeze).
Language string The two- to five-character code that represents the language and locale ISO. This code controls the language for labels displayed in an application.
LastReconDateTime number The date and time when user accounts were last reconciled between Salesforce and the target system.
OnUpdateAttributes string Lists the user attributes, as comma-separated values, that generate a UserProvisioningRequest object during an update.
UserAccountMapping list<object> Stores the attributes used to link the Salesforce user to the account on the third-party system, in JSON format.
 linkingSalesforceUserAttribute string The salesforce user attribute used to link.
 linkingTargetUserAttribute string The target user attribute used to link.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION
LastModifiedById string User The unique identifier (id) for the User who modified the UserRole.
LastModifiedDate number The time when the User was last modified by a user
Name string Name of the role.
OpportunityAccessForAccountOwner string The opportunity access level for the account owner. Note that you can't set a user role with an opportunity access less than that specified in organization-wide defaults.
SystemModstamp number The time when the ObjectPermission was last modified by a user or an automated process (such as a trigger).
PortalAccountId string The ID of the role's associated portal account.
RollupDescription string Description of the forecast rollup
DeveloperName string The unique name of the object in the API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
ForecastUserId string User The ID of the forecast manager associated with this role.
MayForecastManagerShare boolean Indicates whether the forecast manager can manually share their own forecast.
ParentRoleId string UserRole The ID of the parent role.
PortalAccountOwnerId string User The ID of the role's associated portal account's owner.
PortalType string This value indicates the type of portal for the role: None, CustomerPortal, Partner.
CaseAccessForAccountOwner string The case access level for the account owner.
ContactAccessForAccountOwner string The contact access level for the account owner.
Id string The unique identifier of UserRole.
ATTRIBUTE TYPE REFERS TO DESCRIPTION
ATTRIBUTE TYPE REFERS TO DESCRIPTION