PandaDoc

Selecting an authentication method depends on your Salesforce environment's needs for access control, cost, and audit requirements. Below is a comparison of available methods to help you decide which suits your use case.

___________________________________________________________

Authenticate the entire workspace using a single set of credentials. All users share access based on the workspace's credentials.

Audit/History impact: Actions in Salesforce are logged under the workspace connection user, which may not reflect individual activity.

Visibility and access control: Users inherit the permissions of the workspace connection. This may grant access to data outside their typical permissions.

- Audit/History impact: Actions in Salesforce are logged under the workspace connection user, which may not reflect individual activity.
- Visibility and access control: Users inherit the permissions of the workspace connection. This may grant access to data outside their typical permissions.

When all users need the same level of access.

There are no strict requirements for tracking individual activities.

- When all users need the same level of access.
- There are no strict requirements for tracking individual activities.

Watch an overview video on how to connect/disconnect:

Each user authenticates with their own Salesforce credentials, ensuring individualized access and activity tracking.

Audit/History impact: All actions are logged under the individual user's name, providing a precise audit trail.

Visibility and access control: Users can only access data within their Salesforce permissions.

- Audit/History impact: All actions are logged under the individual user's name, providing a precise audit trail.
- Visibility and access control: Users can only access data within their Salesforce permissions.

Important: If the per-user connection is not authenticated, the Workflow Runner will default to per-workspace credentials.

When detailed activity tracking and precise access control are essential.

- When detailed activity tracking and precise access control are essential.

Workato recipes use workspace authentication to interact with Salesforce using a shared set of credentials.

Audit/History impact: Actions appear under the workspace connection user.

Visibility and access control: Permissions of the workspace credentials apply to all actions.

- Audit/History impact: Actions appear under the workspace connection user.
- Visibility and access control: Permissions of the workspace credentials apply to all actions.

For automations like pulling entity schema (template sidebar) or searching opportunities in workflows.

- For automations like pulling entity schema (template sidebar) or searching opportunities in workflows.

API user (integration user) authentication

An API-only user provides dedicated credentials for integrations without requiring a full Salesforce license.

Audit/History impact: Integration activities are logged under the API user, distinguishing them from manual user actions.

Visibility and access control: Configurable permissions limit the scope of actions, enhancing security.

- Audit/History impact: Integration activities are logged under the API user, distinguishing them from manual user actions.
- Visibility and access control: Configurable permissions limit the scope of actions, enhancing security.

For integrations requiring minimal user interaction and clear separation between automated and user-driven tasks.

- For integrations requiring minimal user interaction and clear separation between automated and user-driven tasks.

Per-workspace authentication

Implications

Per-user authentication

Implications

Workato per-workspace authentication

Implications

API user (integration user) authentication

Implications