Skip to main content

Salesforce Object Access, Security and Troubleshooting in DataTools Pro

DataTools Pro uses the Salesforce REST API to access meta data within your organization. When you log into DataToolsPro as a user, it inherits and enforces the Salesforce security, role, and permissions settings anytime you request data from object browser dropdown. After an object is added you can naigate and view only fields that your user has access to.

General Recommendation

We typically recommend that your Salesforce admin add objects within DataTools Pro for your organization to enusre completeness of your object meta-data inventory.

How DataTools Pro enforces Object and Field Security

The goal of using DataTools Pro is visibility and understanding of object / field relationships and relationships to metrics / KPIs. Once the objects are added into DataTools Pro, the app enforce access at the Salesforce user level, but enforces object and field security only for adding new objects or refreshing field history for existing objects. This means additional invited user who do not have object level access inside of Salesforce can still benefit and understand the object and field relationships. DataTools Pro does not access or query record data, so by design the scope of use is limited to object and field metadata.

Troubleshooting Objects that are Missing:

Issue: Not all objects are available and visible inside of the object browser

Profile

Ensure that the user’s profile has the necessary “Read” (and other relevant) permissions for the objects they need to access. This can be checked and updated in the profile settings under “Object Settings

Setup → Users → Profiles → Select the relevant profile.

Organization-Wide Defaults (OWD):

Review the organization-wide sharing defaults for the objects. If the default is set to private or public read-only, sharing rules or manual sharing might be required to give the user access to records they do not own.

API-Specific Considerations

API Enabled:

Ensure that the “API Enabled” permission is granted to the user. This is essential for users to interact with Salesforce through the REST API. Technically, you wouldn’t be able to view any objects and also potentially have issues logging in if API access is disabled.

Managed Packages

Package Visibility:

If the objects are part of a managed package, ensure that the user’s profile or permission set includes permissions for those objects. Managed packages often come with their own set of permissions and licensing restrictions.

License Assignment:

Check if the user has been assigned a license for the managed package. Users need to have a valid license for accessing objects provided by managed packages.

    Field Access

    Similar to object access, field level security can potentially restrict the number of fields you can view, if you load objects into DataTools Pro.

    Data Access

    DataTools Pro does not query data records within objects that you load via the Object dropdown. DataTools Pro is a meta data management and analysis tool and not designed to view or analyze object recrords.