Security & Permissions

Proff Connect follows Salesforce's standard security model. This page covers the Salesforce-side of access control — who can use the app, what they can do, and how permissions are structured.

For information about API security and data protection, see Security & Data Protection in the API Reference section.

---

Permission Set Groups

Proff Connect includes two Permission Set Groups that cover most use cases:

Permission Set Group	Intended for
Proff Connect Admin Group	Administrators who manage the setup, API token, settings, and field mapping
Proff Connect User Group	Users who search, create, sync, or view company and contact data

---

Permission Sets

Permission Set	Description
Proff Connect Admin	Full access to the app including token management, settings, and field mapping
Proff Connect User	General access to all user-facing features
Proff Connect Insight Data	Required for all licensed users. Grants CRUD access to Company Insight and Contact Insight objects (see below). Verify that access is correct after setup: Verify Insight Data access.
Proff Connect Create Account Manually	Shows the "Create Manually" button in the Company Search component

Access to the Job Center and its areas (Change Job Setup, Change Overview, Mass Update Jobs, Delete Jobs) is governed by these permission sets. Typically, Proff Connect Admin is required to configure Change Jobs, run Mass Update and Delete Jobs, and manage maintenance. Users with Proff Connect User can use the app and components; admins control who sees and uses the Job Center via the same permission set groups.

---

Proff Connect Insight Data – why it's needed

Company Insight and Contact Insight are custom objects with a Master-Detail relationship to Account and Contact. Due to Salesforce platform restrictions, CRUD access to these objects cannot be included in a standard managed package permission set.

To solve this, Proff Connect includes a post-install script that automatically creates the Proff Connect Insight Data permission set in your org with the correct access.

How to add it to your Permission Set Groups:

1. Go to Setup → Permission Set Groups
2. Open Proff Connect User Group
3. Click Permission Sets in Group → Add Permission Set
4. Select Proff Connect Insight Data and click Add
5. Repeat for Proff Connect Admin Group

---

Custom permissions

Proff Connect uses custom permissions to control access to specific actions:

Create Account Manually Controls whether the "Create Manually" button is visible in the Company Search component. If not assigned, users can only create accounts via the Proff search flow — which helps keep CRM data clean and verified.

Remove Token Controls whether the "Remove Token" button is visible in the Authentication Setup. Only your main Proff Connect administrator should have this. Even users with full Salesforce admin rights cannot remove the token without this specific permission.

---

Field-level and object-level security

Proff Connect fully respects your org's existing security model:

• Object-level security (CRUD)
• Field-Level Security (FLS)
• Sharing rules and record ownership
• Org-wide defaults

Users can only access, create, or update records and fields they already have permission for. If a permission is missing, the UI prevents the action and displays a safe error message.

---

Restricting access with Muting Permission Sets

If you need to restrict specific permissions for a subset of users within a group, use Muting Permission Sets inside the Permission Set Group.

See: How to Restrict Access (Muting Permission Sets)