How to
Assigning Permission Sets
How Permission Sets Work
Salesforce permission sets are additive layers. A user's effective permissions are the union of their profile permissions plus every permission set assigned to them. Assigning multiple permission sets to a user stacks the permissions — no permission set overrides or restricts what another grants. If one permission set grants read on an object and another grants create, the user has both.
This means you can combine permission sets freely. For example, a user can hold both Pendula Administrator and Pendula Console Composer to manage settings and send messages.
Permission Sets at a Glance
| Permission Set | File | Intended For |
|---|---|---|
Pendula Console Viewer |
Pendula_Console_Viewer.permissionset |
End users who need to view message history |
Pendula Console Composer |
Pendula_Console_Composer.permissionset |
End users who need to send and view messages |
Pendula Administrator |
Pendula_Administrator.permissionset |
Admins who manage Pendula settings |
Pendula Template Designer |
Pendula_Template_Designer.permissionset |
Admins who manage message templates |
Pendula Integration User |
Pendula_Integration_User.permissionset |
The Pendula integration/service user (OAuth) |
Pendula Console Viewer and Pendula Console Composer — Choose One
While permission sets are generally additive, Pendula Console Viewer and Pendula Console Composer are designed as alternatives — assign one or the other, not both. Composer is a strict superset of Viewer: edit access on an object implies read, so every permission Viewer grants is already covered by Composer. Assigning both is harmless but redundant.
Pendula Console Viewer
Purpose: Read-only access to message history in the Pendula Console.
Assign to Salesforce users who need to see communication history but do not send messages.
Object Permissions
| Object | Read | Create | Edit | Delete | View All Records |
|---|---|---|---|---|---|
Console_Message__c |
✓ | — | — | — | ✓ |
Message__c |
✓ | — | — | — | ✓ |
Message_Event__c |
✓ | — | — | — | ✓ |
Message_Recipient__c |
✓ | — | — | — | ✓ |
All fields on these objects are read-only.
Other Access
-
ConsolePermissionCheckerApex class (required for the Console LWC to render) -
Event.P4E_Message__cfield: read - Tabs visible: Console Messages, Messages, Message Events, Message Recipients
-
Message__crecord types visible:Inbound_SMS,Outbound_Email,Outbound_SMS
Pendula Console Composer
Purpose: Full Console access — view and send messages.
Assign to Salesforce users who interact with contacts/leads via the Pendula Console.
Object Permissions
| Object | Read | Create | Edit | Delete | View All Records |
|---|---|---|---|---|---|
Console_Message__c |
✓ | ✓ | ✓ | — | ✓ |
Message__c |
✓ | ✓ | ✓ | — | ✓ |
Message_Event__c |
✓ | — | — | — | ✓ |
Message_Recipient__c |
✓ | — | — | — | ✓ |
Template__c |
✓ | — | — | — | ✓ |
All fields on Console_Message__c, Message__c, and Message_Event__c are read and editable. Fields on Message_Recipient__c are read-only.
Template__c access is read-only — composers can use templates but not modify them.
Difference from Console Viewer
Console Composer is a strict superset of Console Viewer — use it instead of, not alongside, Console Viewer. The additions are:
- Create and edit on
Console_Message__c(enables sending messages) - Create and edit on
Message__c - Read access to
Template__c(for selecting message templates when composing) - All fields on
Console_Message__candMessage__cbecome writable (not just readable)
Other Access
-
ConsolePermissionCheckerApex class -
Event.P4E_Message__cfield: read - Tabs visible: same as Console Viewer
-
Message__crecord types visible:Inbound_SMS,Outbound_Email,Outbound_SMS
Pendula Administrator
Purpose: Access to the Pendula settings tab within the Pendula app.
Assign to Salesforce admins responsible for configuring the managed package behaviour - for example, which record types to match and which channels should be published as Salesforce activities.
Access Granted
- Pendula Lightning app (
Pendula4E_Lightning) visibility - Settings tab visible
This permission set grants no object or field permissions - it solely controls visibility of the Settings UI. It is typically combined with another permission set (e.g., Console Composer) for admins who also use the Console.
Pendula Template Designer
Purpose: Full management of Template__c records.
Assign to users who create and maintain message templates used by the Console.
Object Permissions
| Object | Read | Create | Edit | Delete | View All | Modify All |
|---|---|---|---|---|---|---|
Template__c |
✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Field Permissions (read and edit)
Template__c.Description__cTemplate__c.Related_Object_API_Name__cTemplate__c.Related_Object_Type__cTemplate__c.Template_Text__c
Other Access
- Pendula Lightning app visibility
- Templates tab visible
-
Template__crecord type visible:SMS
Pendula Integration User
Purpose: Allows the Pendula service to write communication records to Salesforce.
Assign only to the dedicated Salesforce integration user whose credentials are used by Pendula for OAuth 2.0 authentication. Do not assign to human end users.
For full details see Activity Sync Integration Permission Set
System Permissions
| Permission | Purpose |
|---|---|
| API Enabled | Required to use the Salesforce REST API |
| Customize Application | Required to create Outbound Message definitions for flows |
| Manage Custom Permissions | Required by Customize Application |
| View Roles and Role Hierarchy | Required by View Setup and Configuration |
| View Setup and Configuration | Required to list objects for Record-Triggered Flows |
| Modify Metadata Through Metadata API Functions | Required to read, create, and update Flows and Outbound Message definitions |
| Manage Flow | Required by Enable System Mode Flow Activation |
| Enable System Mode Flow Activation | Required as Flows run in system context |
Pendula4E Object Permissions
| Object | Read | Create | Edit | Delete | View All | Modify All |
|---|---|---|---|---|---|---|
Message__c |
✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Message_Event__c |
✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Message_Recipient__c |
✓ | ✓ | — | — | — | — |
All fields on Message__c and Message_Event__c are read and editable. Fields on Message_Recipient__c are read-only.
Recipient Matching — Standard Object Permissions
| Object | Object-Level | Fields |
|---|---|---|
| Contact | Read, View All Records |
Email, MobilePhone
|
| Lead | Read, View All Records |
Email, MobilePhone
|
| User | Read, View All Records | MobilePhone |
Account / Person Account permissions are not included. See Activity Sync Integration Permission Set if your org uses Person Accounts.
Recommended Assignments by Role
| User Role | Permission Sets to Assign |
|---|---|
| Pendula integration/service user | Pendula Integration User |
| End user (view only) | Pendula Console Viewer |
| End user (send messages) | Pendula Console Composer |
| Template manager |
Pendula Console Composer + Pendula Template Designer
|
| Salesforce admin managing Pendula |
Pendula Console Composer + Pendula Administrator + Pendula Template Designer
|