I want to set up the Zendesk for Salesforce integration, but I'm not able to use the default System Administrator profile. What permissions are required to link these successfully?
There are a few different permissions that are required depending on which integration features you want to use:
- Administrative Permissions > API Enabled
If you don't see the above option within your profiles, reach out to Salesforce Support or check that your SFDC plan includes access to the API. For more information, see the Salesforce community post: "Enable API" not available.
- Administrative Permissions > Modify Metadata Through Metadata API Functions
- Standard Objects Permissions > Push Topics (full access)
Push Topics is required to use the Account, Contact, or Lead syncing portion of the Data Sync feature, as it relies on the SFDC Streaming API.
- Access to account, contact, lead, or opportunity objects
The ticket-view settings start out pointing to the following fields:
Unless these settings have been adjusted, the SFDC profile of the connecting user will need to have at least read-only access to those fields within their respective objects:
- Account object - "Account Name" field
- Contact object - "Email" field
- Opportunity object - "Related account name" field
- Lead object - "Email" field
- Access to Case Objects
Even if not using the ticket-to-case sync, access to the Case object is required to connect the integration initially.
- Access to relevant Case fields
This is only required if using the integration's ticket-to-case syncing feature. The relevant fields include all of the fields listed in the Standard field mapping section: Setting up Ticket Sync from Zendesk to Salesforce.
The quickest way to modify these fields is within the profile in Field-level security > Case > (view) to ensure that the profile in question has edit access to the aforementioned fields.
- Access to the Connected app
The article mentions setting the Allowed Profiles in the Connected App Manager: Setting up user access to Zendesk tickets in Salesforce. These settings need to be in place when the integration is connected Admin Center. They will not retroactively apply if changed after the app is connected.
- Available Push Topics
According to the Salesforce Streaming Limits article, plans are typically capped at either 40, 50, or 100 push topics:
These could be consumed by other integrations or apps. To see how many currently exist, you can execute the following SOQL query (this can be done in the Developer Console or Workbench).
SELECT count() from PushTopic
The Zendesk for Salesforce integration needs to be able to create three of these push topics: one each for Accounts, Contacts, and Leads.
- Visualforce Pages
Although the Lightning component should automatically inherit the permissions of the connected app, visualforce pages will only be authorized for the System Administrator profile until specified otherwise. To control the permissions of these visualforce pages, head into Salesforce > Setup > Custom Code > Visualforce Pages:
From there, make sure the profile in question has access to the visualforce page in question.