User Permissions to Send for Signature
HelloSign for Salesforce provides two permission sets that can be found in Setup > Manage Users > Permission Sets. They are titled “HelloSign_User” and “HelloSign_Admin”. These permission sets can be cloned to make custom versions to fit whatever use cases you may have.
Permission Set Provisioning
Creating a HelloSign account for your Salesforce users allows for HelloSign setting defaults to be applied to all users sending from Salesforce.
HelloSign User provides the ability to
- Create templates
- Edit templates
- Send with Template
- Send one off document
- Read and Create HelloSign Logs
HelloSign Admin provides the ability to
- Connect to HelloSign with any Salesforce profile
- Delete Templates
- Delete Signature request records
- Delete Logs
- All functions of HelloSign User
REQUIRED SETTINGS for 3.77.3 and earlier
If you are on version 3.77.3 or earlier and using a Salesforce non-system administrator profile the following items must be enabled for the connected user. We recommend cloning our HelloSign Admin permission set.
System Preferences Section
- Apex REST Services
- API Enabled
- Customize Application (this will auto check a few additional boxes)
Apex Class Access Section
- HelloSign.HSignSetSettingsApi
REQUIRED ACCESS for Profiles
If you are connecting with a Salesforce non-system administrator profile the following access is required.
- User must have read access on all the objects on which HelloSign looks up to. This includes our out-of-the-box objects (account, opportunity, contact, lead), as well as any custom supported objects.
- If you have a private sharing model you must have View All on the objects on which HelloSign is being used.
- If HelloSign writeback fields are being used the connected user must have edit on the object on which HelloSign is being used as well as edit access to the fields being updated.
- If there are any Salesforce processes that run in relation to the objects on which you are using HelloSign the connected user must include Modify All on those objects.
CALLOUT for CPQ
With our HelloSign for Salesforce CPQ package you must clone our admin permission set and give View All on the Salesforce Documents object.
API Only Integration
If your connected user should only have API access follow these steps
- First connect to HelloSign through Settings in the user interface using the Admin permission set
- Setup > Users > Permission Sets
- Clone the HelloSign Admin permission set
- Name the new permission set something like HelloSign (API Only)
- Click System Permissions in the new cloned permission set
- Click edit
- Check API Only User
- Save
- Assign the new API Only permission set to your connected user and remove the HelloSign Admin permission set
Updated almost 5 years ago
You're all ready to send signature requests!
But, there's a lot more you can do to configure HelloSign for Salesforce for your specific use case. Below is a list of popular configurations.