Supported Features
Note
Before you can use any item marked with an asterisk (*), SailPoint must first activate the feature for you.
The SailPoint Salesforce Connector supports the following features:

-
*Load and provision accounts
-
*Access certifications (Certification of entitlements connected to accounts)
-
Enable and disable accounts
-
Password Management
-
Add and remove associations of the following group objects with User objects:
-
PermissionSet
-
PermissionSetGroup
-
CollaborationGroups
-
PublicGroups
-
PermissionSetLicense
-
Role
-
ManagedPackage
-
DelegateGroup
Note
DelegateGroup objects can be assigned to active (enabled) users. If you disable a user that has a DelegateGroup object assigned to them, Salesforce automatically removes the it from the user. However, it doesn't update in SailPoint for that user. To update SailPoint, run the Iterate the User process after performing the Enable/Disable operation.
-
-
Create new Portal Users and Partner Users, and assign licenses
Note
Enabling and disabling Portal and Partner users is not supported. -
Aggregate
QueueNames
as an entitlement

-
Aggregate the following objects as group objects:
-
CollaborationGroup
Note
If you enable or disable a user that has a collaboration group object assigned to them, Salesforce automatically removes it, but it doesn't update in SailPoint for that user. To correct this, run the Iterate the User process after performing the Enable/Disable operation. -
Profiles
-
Role
Note
Includes the role's hierarchy. -
PermissionSet
-
PermissionSetGroup
-
PublicGroup
-
PermissionSetLicense
Note
Through certification, permission set licenses cannot be removed until associated permission sets are removed. -
ManagedPackage
-
DelegateGroup
-

The Salesforce connector supports use with the Enhanced Domains feature.

The Salesforce connector can manage a Role hierarchies in addition to the Role itself. Within the Salesforce system, Role hierarchies are used to extend record access automatically.