FinDock permission set groups
If you have not already done so, please read and implement the general permission guidance.
With the introduction of FinDock permission set groups, the overall permission framework for FinDock changes to a solution that enables greater control and granularity of permissions.
The framework has three layers: Salesforce permission, FinDock permission sets, and FinDock permission set groups.
The foundation of FinDock permissions is necessarily Salesforce permissions and best practices for managing data access.
Salesforce permissions
Salesforce user profiles, licensing, roles and settings determine the baseline for FinDock users. We provide some general guidance, but ultimately organizations define their own specific user and security practices.
All Salesforce permission management capabilities can be applied to FinDock permission. This includes:
- Muting permissions at any level within a permission set group
- Creating your own permission set groups
- Adding your own permission sets to FinDock permission set groups
FinDock permission sets
FinDock permission sets define the minimum requires to access and/or use features. Generally, permission sets are split between design-time tasks (feature setup) and run-time tasks (feature usage).
A FinDock permission set is always included in one or more FinDock permission set groups. FinDock permission sets can be assigned to users directly, but we recommend using groups so that user get the required updates when a FinDock package is installed or updated.
Automatic permission set handling
FinDock automatically adds package-specific permission sets to the relevant FinDock-managed groups when and newly installed package (processor) is activated.
For packages installed before the May '24 release, FinDock also carries out a one-time check of permission sets when the FinDock Setup is opened and adds any missing sets to FinDock-managed groups.
FOR INSTALLATIONS PRIOR TO MAY '24 RELEASE If you are using classic permission sets, you can move to the new permission set groups. However, you need to open FinDock Setup to get the new FinDock permission sets from already installed packages added to FinDock groups.
FinDock permission set groups
FinDock provides permission set groups for typical user archetypes or "personas" that are typically involved with payments on Salesforce.
FinDock Integration User permission set group
The FinDock Integration User permission set group is intended for integration use cases only. This includes connections to external services, such as ProcessingHub, WebHub and PSPs, as well as FinDock features that use those connections, like payment schedules.
All permission sets added by FinDock to the FinDock Integration User group support the free Salesforce integration user license.
If you add custom permission sets to this group, be sure to check the group status afterwards. If the status is Failed, check for conflicts with the integration user license (and Salesforce API Only System Integrations profile) limitations.
This permission set group can also be used for automation use cases where a non-person user suffices. For FinDock, this applies to the FinDock Heartbeat which exclusively runs backend Apex jobs. For further details, see Configuring FinDock Core general settings and heartbeat
FinDock Administrator permission set group
The FinDock Administrator permission set group gives access to all FinDock core setup areas as well as access to specific run-time features for testing and troubleshooting.
Please note that the user profile for FinDock Administrator must include the following Salesforce permissions:
- Customize Application (including Modify Metadata)
- Lightning Experience User
- API Enabled
FinDock Service Agent permission set group
The FinDock Service Agent permission set group is intended for Salesforce users who work directly or indirectly with payers to collect new payments or modify existing payments. Customer care and support staff, call-center agents and similar roles need this permission set group.
The included permission sets allow users to create and modify (but not delete) payment-related records and use the FinDock Payment component to handle MOTO payments.
FinDock Payment Operations permission set group
The FinDock Payment Operations permission set group is intended for Salesforce users who carry out day-to-day payments management tasks, including payment collection and reconciliation, mandate management, payment request generation, and disbursements.
FinDock permission sets
The following tables provide a complete overview of FinDock permission sets and the permission set groups where they are included. These sets are automatically added to the groups when the respective package is installed.
Adyen permission sets
The following sets are included in the Adyen package.
Name | Description | Admin | Agent | Integr. | Ops |
---|---|---|---|---|---|
FinDock Adyen Base | Field-level Security for Adyen fields | ||||
FinDock Adyen Integration | Permissions for payment set up and notification handling | ||||
FinDock Adyen Setup | Permissions to access and modify Adyen setup |
Axerve permission sets
The following sets are included in the Axerve package.
Name | Description | Admin | Agent | Integr. | Ops |
---|---|---|---|---|---|
FinDock Axerve Base | Field-level Security for Axerve fields | ||||
FinDock Axerve Integration | Permissions for payment set up and notification handling | ||||
FinDock Axerve Setup | Permissions to access and modify Axerve setup |
Bacs permission sets
The following sets are included in the Bacs package for Bacs Manual and SmartDebit.
Name | Description | Admin | Agent | Integr. | Ops |
---|---|---|---|---|---|
FinDock Bacs Base | Field-level Security for Bacs Manual and SmartDebit fields | ||||
FinDock Bacs Components | Permissions to access and run Bacs Manual and SmartDebit mandate schedules, as well as execute sort code and account checks | ||||
FinDock Bacs Integration | Permissions for collection and reconciliation through Bacs Manual and SmartDebit | ||||
FinDock Bacs Setup | Permissions to access and modify Bacs Manual and SmartDebit setups |
Buckaroo permission sets
The following sets are included in the Buckaroo package.
Name | Description | Admin | Agent | Integr. | Ops |
---|---|---|---|---|---|
FinDock Buckaroo Base | Field-level Security for Buckaroo fields | ||||
FinDock Buckaroo Integration | Permissions for payment set up and notification handling | ||||
FinDock Buckaroo Setup | Permissions to access and modify Buckaroo setup |
Checkout.com permission sets
The following sets are included in the Checkout.com package.
Name | Description | Admin | Agent | Integr. | Ops |
---|---|---|---|---|---|
FinDock Checkout Base | Field-level Security for Checkout.com fields | ||||
FinDock Checkout Integration | Permissions for payment set up and notification handling | ||||
FinDock Checkout Setup | Permissions to access and modify Checkout.com setup |
FinDock Core permission sets
The following sets are included in the FinDock Core package.
Name | Description | Admin | Agent | Integr. | Ops |
---|---|---|---|---|---|
FinDock Additional Setup | Access to Installments and Inbound Reports tabs added through Additional Setup package | ||||
FinDock Core Base | Field-level security for FinDock fields on objects you have permission to access | ||||
FinDock Core Delete | Permissions to delete FinDock object records except for Audit Trail, Job and Target Property objects | ||||
FinDock Core Disbursement | Permissions to access and modify payable installments and run payment schedules for disbursement | ||||
FinDock Core File-based Payments Integration | Permissions for integration-related actions of parsing and matching files | ||||
FinDock Core Giving Pages and PayLinks | Permissions for Pages Manager and the Builder used to create and configure Giving Pages and PayLinks | ||||
FinDock Core Guided Matching Run | Permissions to view and execute Guided Matching rule sets on inbound payment records | ||||
FinDock Core Guided Matching Setup | Permissions for accessing and modifying Guided Matching Setup | ||||
FinDock Core Mandate Schedule Integration | Permissions for integration-related actions to create and run mandate schedules | ||||
FinDock Core Mandate Schedule Run | Permissions to view mandate and recurring mandate schedules and run individual mandate schedules | ||||
FinDock Core Mandate Schedule Setup | Permissions for creating mandate and recurring mandate schedules | ||||
FinDock Core Online Payments Integration | Permissions for integration-related actions of payment collection and reconciliation through WebHub, Notification Gateway and FinDock Payment API | ||||
FinDock Core Payment Components | Permissions to create and modify payment details through front-end components | ||||
FinDock Core Payment Insights | Permissions to view records related to installments including payment profiles, mandates, etc. | ||||
FinDock Core Payment Management | Permissions to create and modify one-time and recurring payment records | ||||
FinDock Core Payment Request Generation Setup | Permissions to set up bulk payment request generation | ||||
FinDock Core Payment Request Run | Permissions to view and bulk generate payment requests with the Payment Request Generator | ||||
FinDock Core Payment Schedule Integration | Permissions for integration-related actions to create and run payment schedules | ||||
FinDock Core Payment Schedule Run | Permissions to view payment and recurring payment schedules and run individual payment schedules |