System Users in Vault CRM

System Users are created in Vault CRM instances and managed by Veeva, eliminating the need for customers to manage dedicated integration users. By default, System Users are assigned the appropriate permission sets. Customers cannot update these permission sets.

In order to grant System Users permissions for custom objects, fields, or object types, create a custom permission set and assign it to the appropriate System User via an Application Role. See Adding Permission Sets to Application Roles for more information.

In order to ensure the appropriate System User uses a specific settings record, for example, Veeva Settings or Multichannel Settings, populate the Application Profile field on the desired settings record with the appropriate System User Application Profile. See Application Profiles for more information.

When object records for an integration are updated in Vault CRM, the owner is set to the relevant System User.

When custom sharing rules are enabled for an object to which a System User needs permission, perform the following steps to create a custom sharing rule and assign it to the System User via MDL:

  1. Navigate to Admin > Configuration > Objects.
  2. Select the appropriate object.
  3. Select the Sharing Rules tab.
  4. Select Create.
  5. Create the sharing rule using the information below:

    Attribute

    Value

    Label

    <name of appropriate System User> Full Account Access

    Name

    <name_of_appropriate_System_User>_full_access__c

    Active

    True

    Criteria

    Do not populate the Criteria field.

    Role

    Editor

    Members

    User.<username of appropriate System User>

  6. Assign the System User to the newly created custom sharing rule.

System users cannot be manually assigned through the UI. Instead, admins must run MDL using the Vault Postman Collection. Using the Execute MDL Script Post action, execute the following MDL. Make sure to replace the placeholder text with the appropriate values.

Copy

Assign Sharing Rule via MDL

RECREATE Sharingrule <name_of_appropriate_System_User>_full_access__c (
    label('<name of appropriate System User> Full Account Access'),
    active(true),
    object('<API name of appropriate object>'),
    criteria([]),
    Sharingrole editor__v (
        members(
            'User.<username of appropriate System User>'
        )
    )
);

Admins can verify the System User is assigned to the Editor Role by viewing the Roles section of the custom sharing rule:

Related Topics

Application Profiles

Veeva Settings

Configuring Custom Sharing Rules for Objects