Skip to main content

Permissions

You can fine tune permissions for FinDock users using a combination of Salesforce profiles and permission sets. To learn more about how these work together, watch Who Sees What on the Salesforce YouTube channel. It is important to always keep in mind that permission sets can only grant additional permissions, not take them away.

User types#

Most organizations need three types of users to work with FinDock. Further user type granularity can implemented, but this simple approach is the most common:

  • FinDock administrator: administration with full access to all FinDock features and functions
  • Operations user: Salesforce users from Finance or other departments who need to use certain FinDock features
  • Integration user: Salesforce Integration User reserved for system integration authentications

Operations user#

In general, operations users work with payment processing records, such as source records that lead to installments, payment profiles and mandates. They perform payment collection activities such as uploading bank statement files and reconciling through Guided Matching.

FinDock administrator#

FinDock includes a special permission set for administrators, PaymentHub All FLS. This permission set allows administrators to access all FinDock objects and fields. However, we recommend assigning FinDock administrators all the FinDock permission sets.

Integration user#

System integrations need user accounts, aka “Integration Users,” that allow data transfer and operations between systems. FinDock has three points of integrations:

  • ProcessingHub
  • WebHub
  • Payment API

Please refer to the table below for details on which permission sets are needed for integration user(s). In addition to those permission sets, you need to also add the View Setup and Configuration permission to the integration user. This permission is typically only for system administrators, but FinDock integrations also require it.

Sharing settings#

An important aspect of permissions are Salesforce sharing settings. These settings determine what records can be seen by whom. To ensure correct operation of FinDock, make sure to allow the integration user(s) full sharing of all the contacts and accounts involved.

General permissions#

For FinDock to function correctly all user types (operations, admin and integration) need to have access to certain standard Salesforce objects. Some of these may be part of existing permission sets of your org, but please make sure the user types for FinDock have at least the following permissions:

  • Read access for Contact, Account and Campaign
  • Full access to Opportunity if Salesforce NPSP is used
  • CRU access for Contact and Account (for integration users only)
  • View Setup and Configuration permission (for users who access FinDock Setup)

FinDock permission sets#

The following table provides a complete overview of all FinDock permission sets. Please note the sets are only available if the respective package has been installed.

Permission SetDescriptionUser(s)Package
Adyen IntegrationIntegration for Payment API and PSP notifications to WebHubIntegrationAdyen
Axerve Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationAxerve
BACS FLSPermissions for Bacs processes and Payment API integrationAdministrator, Operations, IntegrationBacs
Buckaroo Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationBuckaroo
Checkout.com All FLSPermissions for Checkout.com featuresAdministrator, OperationsCheckout.com
Checkout.com Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationCheckout.com
FinDock Additional SetupDeployed by Installer; access to tabs Installments and Inbound Reports (see below)Administrator, OperationsCore
FinDock Site Guest UserSite Guest User (API v1 only)Site Guest UserCore
GiftAid FLSPermissions for Gift Aid featuresIntegration, OperationsGift Aid
GoCardlessIntegration for Payment API and PSP notifications to WebHubIntegrationGoCardless
Mollie Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationMollie
NPSP4PaymentHub All FLSPermissions for FinDock for NPSP featuresAdministrator, OperationsNPSP
PagesUser(s) creating and configuring Giving PagesAdministrator, OperationsCore
PaymentHub ALL FLSAdmin user for full access to all FinDock objectsAdministratorPaymentHub
PaymentHub Integration BaseIntegration for ProcessingHub connectionIntegrationCore
PaymentHub OperationsGeneral FinDock permissionsOperationsProcessingHub
PayPal FLSIntegration for Payment API and PSP notifications to WebHubIntegrationPayPal
ProcessingHub OperationsIntegration for ProcessingHub connection and permissions for ProcessingHub ManagerIntegration, OperationsProcessingHub
SEPA OperationsPermissions for SEPA, SEDA and Swiss (CH-DD, LSV+) processes and Payment API integrationOperations, IntegrationSEPA
Six Saferpay Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationSIX Saferpay
Stripe ALL FLSPermissions for Stripe featuresAdministrator, OperationsStripe
Stripe Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationStripe
Tikkie IntegrationIntegration for Payment API and PSP notifications to WebHubIntegrationTikkie
Worldpay Integration UserIntegration for Payment API and PSP notifications to WebHubIntegrationWorldpay

Further info#

FinDock Additional Setup#

With the January '21 release, we added two new tabs to the FinDock app - one for Installments and one for Inbound Reports. These new tabs come in handy in many different workflows, including Guided Matching debugging and configuration.

The tabs are implemented through a permission set and package called ‘FinDock Additional Setup'. This package is mandatory in the FinDock Installer. However, it is an unmanaged component, so organizations can modify the associated settings if needed.

These tabs are handled in a separate package to avoid potential conflicts with orgs that may already have tabs for Installments or Inbound Reports.

Once installed, users who are assigned the ‘FinDock Additional Setup’ permission set automatically get to see and use the Installment and Inbound Report tabs.

Gift Aid manual permission assignments#

In addition to the specific permission set for Gift Aid, there are permissions that need to be assigned manually. For further instructions, please refer to Configuring Gift Aid.