Skip to content

How to configure a Salesforce service account for attendee-based event synchronization in Revenue Grid

4 min read · For users on:

Introduction

By default, Revenue Grid synchronizes calendar events only for event organizers. However, in some cases, your workflow may require event synchronization for attendees. For example, this may apply when event organizers are users without assigned Revenue Grid licenses, making them unable to sync events. In such cases, you can request to enable attendee-based event synchronization.

Attendee-based synchronization requires users to have full visibility into each other’s events. If this visibility cannot be configured, set up a dedicated service account to enable the feature.

This article explains how to create and configure the required Salesforce service account and how to authorize users in Revenue Grid using that account.

Configuration steps

  1. Create a custom profile in Salesforce
  2. Configure the required permissions for the service account’s profile
  3. Limit access to the User object for the service account’s profile
  4. Set the org-wide sharing defaults and sharing rules for User records
  5. Create a Salesforce service user and assign the service account profile to it
  6. Authorize Salesforce users in Revenue Grid

Step 1. Create a custom profile in Salesforce

  1. Click the gear icon in the top-right corner and select Setup.
  2. In the Quick Find field, enter Profiles and select Profiles in search results.
  3. Click New Profile.
  4. In the Existing Profile list, select a profile to clone from (e.g., Standard User).

  5. In the Profile Name field, enter a name such as RG Service User, then click Save.

Step 2. Configure the required permissions for the service account’s profile

Configure the necessary permissions for the service account. For details, refer to Manage Users and Data Access.

System permissions

Permission Description Notes
Access Activities Access tasks, events, calendar, and email.
Access Libraries Access Libraries. Required for Content Documents.
Apex REST Services Allow access to Apex REST services.
API Enabled Access any Salesforce.com API.
Edit Events Create, edit, and delete events.
Edit Read Only Fields Edit fields that are read-only due to page layouts or field-level security.
Edit Tasks Create, edit, and delete tasks. Required if emails are shared via Tasks.
Modify All Data Create, edit, and delete all organizational data, regardless of sharing settings.
View All Data View all organizational data, regardless of sharing settings.

Object permissions

Object Permissions Notes
Accounts Read, Create, View All.
Contacts Read, Create, Edit, Delete, View All, Modify All.
Documents Read, Create, Edit, View All, Modify All. Required for Content Documents.
Opportunities Read, View All.
Leads Read, Create, Edit, View All, Modify All.

FAQs about required permissions

What is the “Access Libraries” permission, and why is it needed?

The Access Libraries permission allows access to Salesforce Libraries, which are repositories for storing and sharing documents and content. It is required to access or manipulate Content Documents as an attachment type.

Salesforce uses Libraries to store and manage Content Documents, so accessing or modifying these files often depends on this permission. Without it, actions like attaching files to records or retrieving files for impersonated users will fail.

Check if your use case involves managing Content Documents or file attachments. If so, ensure this permission is enabled.

What is the “Modify All Data” permission, and why is it important?

The Modify All Data permission allows the account to create, edit, and delete all organizational data, regardless of sharing settings.

It is crucial for impersonation functionality, which needs to operate across multiple records and objects while bypassing typical user-specific sharing rules. Without this permission, the service account will encounter “insufficient access” errors for specific data or records.

This permission ensures the service account has global access to organizational data to perform its tasks effectively.

What is the “View All Data” permission, and why is it required?

The View All Data permission allows the service account to view any data in the Salesforce org, regardless of sharing settings or user ownership.

Impersonation scenarios often involve data visibility varying between users. This permission ensures the service account has a “superuser” view to access all records for which the impersonated user has permission.

Without this permission, the functionality will fail when the service account lacks visibility into certain records. This permission is critical for enabling seamless access across organizational boundaries.

Step 3. Limit access to the User object for the service account’s profile

  1. In the Quick Find box, enter Profiles, then select Profiles in the search results.
  2. Open the service user profile, you’ve created and click Edit.

  3. Under System, click System Permissions.

  4. Find the User object and clear the View All Users checkbox.

    Note

    In some interfaces, the View All Users permission may appear under Administrative Permissions.

  5. Click Save.

Step 4. Set the org-wide sharing defaults and sharing rules for User records

  1. In the Quick Find box, enter Sharing Settings, then select Sharing Settings in the search results.

  2. In the Organization-Wide Defaults area, click Edit.

  3. For User records select Private in both Default Internal Access and Default External Access.

  4. Click Save.

  5. Under User Sharing Rules, click New and create a sharing rule to grant access only to users who will use Revenue Grid. You can define this by group membership or custom criteria.

Step 5. Create a Salesforce service user and assign the service account profile to it

Important

Create a dedicated service-only Salesforce account.

Do not use an active Revenue Grid user account, and do not authorize the service account in Revenue Grid. It is used only for Salesforce access authorization.

  1. Click the gear icon in the top-right corner and select Setup.
  2. In the Quick Find field, enter Users and select Users in search results.

  3. Click New User.

  4. Complete the required fields, and in the Profile field, select the service account profile.

  5. Click Save.

Step 6. Authorize Salesforce users in Revenue Grid

  1. Open the Revenue Grid Admin Panel  and go to the Profiles tab > Connectivity subtab.

  2. In the CRM section, click Log in with Salesforce.

    Note

    Currently, only the Salesforce OAuth authorization option is supported. It uses the configured service account’s refresh token to authorize access for a specified group of Revenue Grid users.

  3. In the OAuth window that opens, log in using the Salesforce service account.

If the authorization is successful, the CRM connectivity status will change to Connected.