- Explain the importance of Salesforce user records.
- Explain the difference between deactivating and freezing a user record.
- Explain how a user can become locked and unlocked.
- Explain the concept of record ownership.
- Describe the capabilities of queues.
- Describe which objects support queues.
- Explain the difference between user and feature licenses.
- Explain how licensing influences what actions a user can perform.
- Explain the implications of user localization settings.
- Describe the translation capabilities of Salesforce.
- Describe the different methods that can be used to authenticate to Salesforce.
- Describe identity verification, and under what conditions it occurs.
- Describe how to monitor and remove activations.
- Describe the security token, and under what conditions it is required.
- Describe the steps required to login as another user.
- Describe a session, and what settings influence sessions.
- Describe how to monitor and remove sessions.
- User Setup – Module Checkpoint
Salesforce.com User Authentication
Video Must 14m CertifiedOnDemand.com
Objectives for this Resource:
Website: The standard Salesforce user interface.
Security Token: Grants API access, requires appending a security token to the end of the password but skips the activation process. Commonly used for integrations and other applications that are intended for system administrators (rather than end users).
OAuth: Grants access using a standard username and password, uses the standard activation process and requires that the user grant access to the application. Commonly used for end user applications (demo).
Single Sign On (SSO): Uses another set of credentials (for example your laptop username and password, which is linked to Active Directory) to authenticate to Salesforce (this would mean that you would not need a username and password in order to login). In-depth knowledge of SSO is not required for this course.
Some applications, such as the Data Loader, will allow you to choose your authentication method. In this example, “Password Authentication” would require a security token, while “OAuth” would require that the user grant access to the application.
Identity verification (previously referred to as device activation or computer activation) requires that the user take an additional step to complete the authentication process from an unidentified device. This step is typically to enter a challenge code delivered via email or text message.
This process is designed to prevent unauthorized access to Salesforce.com, particularly in the event of a hijacked username and password.
Identity verification is typically required when a) there is no cookie in the browser indicating a previous login AND b) the user is connecting from OUTSIDE of a trusted network (or no trusted network is declared).
Verification summarized @11m0s
A user must append their security token to their password when authenticating via the API, unless they are connecting within a Trusted IP range.
API summarized @11m20s