Loading
Feature degradation | Gmail Email delivery failureRead More
Set Up and Maintain Your Salesforce Organization
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Enable External Credential Principals

            You are here:

            1. Salesforce Help
            2. Docs
            3. Set Up and Maintain Your Salesforce Organization

            Enable External Credential Principals

            Principals link an external credential to permission sets or user profiles so that users can make callouts using the named credential. At run time, Salesforce ensures that the user has the permission set before accessing the remote system.

            Required Editions

            Available in: Salesforce Classic (not available in all orgs) and Lightning Experience
            Available in: all editions
            Permission sets available in: Contact Manager, Group, Professional, Enterprise, Performance, Unlimited, Developer, and Database.com Editions
            User Permissions Needed
            To edit permission sets and user profiles: Manage Profiles and Permission Sets

            After you create external credentials and principals, take these steps to give permission sets and profiles access to the principals of the external credential.

            Tip
            Tip To apply credential permissions to the largest number of users, link a principal to a permission set and add the permission set to a permission set group.
            1. From Setup, in the Quick Find box, enter either Permission Sets or Profiles, and then select either Permission Sets or Profiles.
            2. Click the name of the permission set or profile that you want to modify.
            3. Take one of these steps.
              • For a permission set, click External Credential Principal Access in the Apps section.

                Permission sets with external credential principal access enabled can be packaged.

              • For a profile, click Enabled External Credential Principal Access.

                Profiles associated with guest users are also supported.

            4. Click Edit.
              The Edit page displays two columns: one for available external credential principals, and one for external credential principals that are currently enabled.

              External credential principals take the form external credential name - external credential principal parameter name.

              For example, an external credential principal can have a name like JWT OAuth Credential - Marketing User.

            5. Select one or more external credential principals from the list of available principals. To move them into the Enabled column, click the Add arrow.
            6. Save your changes.

            Most standard permission sets and profiles have access to the User External Credentials object by default. If you use these permission sets and profiles, enabling external credential principals is the last step to create a named credential. For the guest user profile, and for some custom permission sets and profiles, you must assign User External Credentials object permissions manually. For an overview of all of the steps required to configure a named credential, see Create Named Credentials and External Credentials.

             
            Loading
            Salesforce Help | Article