Spant
spant.no
DocsProff ConnectSecurity & Permissions
Security & Permissions

Security & Permissions

How security, permissions, and data access are handled in Proff Connect.

This section describes how security, permissions, and data access are handled in Proff Connect. It focuses on what administrators and users need to know when deploying the solution in their Salesforce org.

Proff Connect is designed to follow Salesforce's security model and respects your existing org-wide settings, sharing rules, profiles, and permission sets. All configuration and data remain fully inside your Salesforce org.

1. Access Management

1.1 Permission Set Groups

Proff Connect includes two permission set groups to simplify administration:

Permission Set GroupIncluded Permission SetIntended for
Proff Connect Admin GroupProff Connect AdminSystem administrators or integration owners
Proff Connect User GroupProff Connect UserUsers who search, enrich, sync, or view insight data

We recommend assigning the permission set group, not the individual permission set. This allows you to create Muting Permission Sets inside the group to control specific privileges, while still receiving updates as new package versions add new permissions.

1.2 Proff Connect Insight Data Permission Set

Since Company Insight and Contact Insight custom objects have a master-detail relationship to Account and Contact, it is not possible to assign CRUD access to those objects and all following child objects with Master-Detail relationships (meaning all other Company Insight Child objects and Contact Insight Child objects).

To solve this, we have added a post-install class to the package that will create a permission set in the org with the correct CRUD access to these objects. Note this permission set is ONLY configured to manage the CRUD; FLS access is still assigned through the permission sets described above.

Important

You need to assign access to Proff Connect Insight Data permission set as well. It is recommended to add the permission set into both of the Permission Set Groups described above.

1.3 Custom Permission (Optional)

A custom permission controls whether users may manually create Accounts directly from the Company Search component.

Custom Permission: Create Account Manually

If the permission is not assigned, the button is hidden and users can only create Accounts via the Proff API search and mapping flow.

2. Authentication & API Key Handling

2.1 Bring-Your-Own-Token (BYOT)

Proff Connect does not store or generate API tokens. Customers obtain a token directly from Proff / Enento Group and enter it in the Authentication Setup component.

2.2 Secure Storage

The API token is stored in a Protected Custom Setting, meaning:

  • It is not visible in Setup
  • It is not exportable
  • It is only readable by Apex code inside the packaged namespace
  • It cannot be retrieved by users, flows, reports, or external apps

2.3 Masking of Token

When viewing token information (such as usage or expiry), the API token returned from the Proff API is server-side masked before being sent to the client. Only the last four characters are visible.

2.4 Rotating the Token

Customers rotate the token manually by entering a new value. The solution only stores one active key and does not act as a token vault for managing multiple or expired tokens.

3. Data Access & Storage

3.1 Read-Only Integration

Proff Connect is a read-only integration. The solution does not send customer data to Proff. All outbound requests are GET requests to retrieve publicly available company and person information.

3.2 Data Stored in Salesforce

The solution stores:

  • Accounts, Contacts, Leads created by users
  • Company Insight records
  • Contact Insight records
  • Customer-defined Field Mappings
  • Integration history (request metadata)
  • Error logs (on failures only)

No raw API payloads are stored for successful requests.

3.3 No External Storage

Proff Connect does not store information outside of Salesforce. All records created from API data remain fully in the customer's org.

4. Logging & Error Handling

4.1 Integration Logs

Each API request is logged with:

  • Timestamp
  • Endpoint used
  • Response code (e.g., 200 / 404 / 500)
  • Latency
  • Request details without token
  • Masked error responses (if any)

Successful responses do not store any API payload.

4.2 Error Logs

If a failure occurs (e.g., invalid mapping, missing permissions, or API error), the error is logged without exposing sensitive data. Logs help administrators troubleshoot, while avoiding any storage of personal or confidential information.

4.3 User Messages

User-facing components show only sanitized, high-level messages such as:

  • "Unable to fetch company details."
  • "Permission required to update this record."

Internal exception details never appear in the UI.

5. Field-Level & Object-Level Security

Proff Connect inherits all Salesforce security models:

  • Profile and Permission Set object-level access
  • Field-Level Security (FLS)
  • Sharing rules
  • Record ownership
  • Org-wide defaults

Users can only access, create, or update records or fields that they already have permissions for. This applies to:

  • Mapping fields
  • Creating Accounts, Leads, or Contacts
  • Updating existing records
  • Viewing or creating Insight records

If users lack permission, the UI prevents actions and Apex returns a safe message.

6. Component-Level Permissions

Proff Connect Lightning Web Components (LWCs) follow Salesforce's security standards:

  • No storage of sensitive data in the client
  • No direct access to raw API response bodies
  • All security checks performed server-side
  • No use of unsafe browser APIs
  • No external JavaScript libraries or CDN scripts
  • Compliant with Lightning Locker and CSP

Components only expose the data required to complete user workflows.

7. API Security & Transport

All API requests use:

  • HTTPS with TLS 1.2+
  • Named Credential for the base URL
  • Customer-provided token in the Authorization header
  • Server-side sanitization before logging

Outbound callouts are restricted to the endpoints listed in the Proff API Endpoint metadata. The package cannot call any other URLs.

8. Summary of Security Properties

Proff Connect is designed to operate securely within Salesforce's security model:

AreaSummary
Data FlowRead-only, outbound GET calls only
Token StorageProtected Custom Setting (non-exportable)
Callout SecurityTLS 1.2+, Named Credential, endpoint allowlist
LoggingNo payload storage, masked sensitive data
Field & Object SecurityFully respects CRUD/FLS and sharing
User AccessPermission set groups and optional custom permission
Component SecurityNo unsafe JS; full Locker compliance

Was this article helpful?