How to
Activity Sync Integration Permission Set
The Pendula_Activity_Sync_Integration permission set grants the dedicated Salesforce integration user the permissions required to connect a Pendula tenant to Salesforce and run Activity Sync.
Assign this permission set to the Salesforce user whose credentials are used to authenticate Pendula via OAuth 2.0. It should not be assigned to end users.
What the Permission Set Covers
System Permissions
| Permission | Purpose |
|---|---|
| API Enabled | Required to use the Salesforce REST API |
| Customize Application | Required to create Outbound Message definitions for flows |
| Manage Custom Permissions | Required by the Customize Application permission |
| View Roles and Role Hierarchy | Required by View Setup and Configuration |
| View Setup and Configuration | Required to list objects for Record-Triggered Flows |
| Modify Metadata Through Metadata API Functions | Required to read, create and update Flows and Outbound Message definitions |
| Manage Flow | Required by Enable System Mode Flow Activation |
| Enable System Mode Flow Activation | Required as Flows run in system context |
Pendula4E Object Permissions
| Object | Read | Create | Edit | Delete | View All | Modify All |
|---|---|---|---|---|---|---|
Message__c | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Message_Event__c | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Message_Recipient__c | ✓ | ✓ | — | — | — | — |
All custom fields on Message__c and Message_Event__c are granted read and edit access. All custom fields on Message_Recipient__c are granted read access.
The three Message__c record types are granted visibility: Inbound_SMS, Outbound_Email, Outbound_SMS.
Recipient Matching — Standard Object Permissions
For Pendula to match inbound and outbound messages to Salesforce records, the integration user requires read access to the following standard objects and fields.
| Object | Object-Level | Fields |
|---|---|---|
| Contact | Read, View All Records | Email, MobilePhone |
| Lead | Read, View All Records | Email, MobilePhone |
| User | Read, View All Records | Email, MobilePhone |
Person Accounts
Person Account field permissions are not included in this permission set.
Person Accounts is an optional Salesforce feature. Because this package is installed across customer orgs that may or may not have Person Accounts enabled, including Account.PersonEmail and Account.PersonMobilePhone field permissions in the packaged permission set would cause installation to fail in orgs where Person Accounts is not enabled.
The package handles this at runtime — Utils.isPersonAccountEnabled() is checked before any Person Account recipient matching is attempted, so no errors occur in orgs without the feature.
If your org uses Person Accounts
You must grant the integration user read access to Account.PersonEmail and Account.PersonMobilePhone separately, outside of the managed package.
The recommended approach is to create a supplemental permission set in your own org:
- Go to Setup → Permission Sets → New
- Label:
Pendula Activity Sync — Person Accounts(or similar) - Under Object Settings → Account, set object access to Read
- Enable View All Records
- Under field permissions, grant Read Access to:
PersonEmailPersonMobilePhone
- Save and assign to the Pendula integration user
Verifying whether Person Accounts is enabled
In Setup, search for Person Accounts. If the feature is enabled, you will see a Person Accounts configuration page. Alternatively, check whether the Account object has a PersonEmail field via Object Manager → Account → Fields & Relationships.
Assigning the Permission Set
- Go to Setup → Users, find the Pendula integration user
- Click Permission Set Assignments → Edit Assignments
- Add
Pendula Activity Sync Integration - If your org uses Person Accounts, also assign the supplemental permission set described above
- Save
Relationship to Other Permission Sets
This permission set is intended solely for the Pendula integration (service) user. It is separate from the permission sets used by human Salesforce users:
| Permission Set | Intended For |
|---|---|
Pendula Activity Sync Integration | Pendula integration/service user (OAuth) |
Pendula Console Viewer | End users who need to view message history |
Pendula Console Composer | End users who need to send and view messages |
Pendula Administrator | Admins who manage Pendula settings |