+ Start a Discussion
Tanvir AnsariTanvir Ansari 

How to not allow API user to edit (update) standard required fields (Name,Company) on Lead Object?

Hi, I have a question in regards to Salesforce integration with WSDl and it is frustrating. Lemme know if you have any answers. I have a lead object and by default "Name" & company field is required by Salesforce. When I expose the PARTNER WSDL, I do not want the API user to edit these 2 fields. But since it is a required field, Salesforce will not allow me to remove from page layout or from the field leave security of Lead page. I was wondering what is the solution to this? Am I doing something wrong. ...

Pat PattersonPat Patterson

Name and Company are required fields on the Lead standard object - you can't make them optional. Even if you modify the WSDL, if you try to create a Lead without Name and Company, the call will fail. If you really need an object without Name and Company, you will have to create a custom object.

 

If you just don't want the API user to be able to modify Name and Company on Lead records, you should be able to do that via field level security. Remove write access (and read access if necessary) from the Lead object on the API user's profile (create a new profile if necessary).

Tanvir AnsariTanvir Ansari

I had done all that you had suggested and was unable. May be I am doing something wrong.

Lemme explain again to you.

I have 2 users - API Create who can create a lead, that user has access to fill in Name & company as they are required field. There are 20 odd other fields that this API create user will populate.

Once this record gets created, I do not want the API Modify user who has only edit access on lead object to modify the "name" & "company" field. but they should be able to modify 3-4 fields.


I had tried using field level security, but I do not see anyways of removing access on those fields from the required fields "Name" & "Company". Can you test in your dev sandbox and tell me if you are able to do so? On my sandbox I am unable to.

Pat PattersonPat Patterson

Hi Tanvir,

 

You're right - I can't see a way to disable modify access to Name and Company for a profile. I'll fwd this thread to one of the security guys - see if there is an answer...

 

Cheers,

 

Pat

atormanatorman

Hi Tanvir Ansari,

 

Pat reached out to me yesterday. I'm a product manager on the salesforce platform responsible for Field Level Security and Profiles.

 

You are correct - we do not store field level security rows on a number of standard fields, Lead Company and Lead First/Last Name included. As a result of this database optimization, we always assume access and display the fields as required. 

 

While less ideal, it is possible to accomplish what you are trying to do through a declarative validation rule or a programmatic Apex trigger.

 

An example of the declarative Lead validation rule can be found below:

 

IF( $Profile.Name = "API Only User",
    OR(
           ISCHANGED(Company),
           ISCHANGED(FirstName),
           ISCHANGED(LastName)
          ), null
     )

 

 

This is sub-optimal since the partner will receive an error when submitting the change and be forced to handle it separately in their code. As a result, you will still want to let your partners know that it's not acceptable to update some of the lead information.

 

Hope this helps some. Let me know how it goes. 

 

Thanks!

 

Adam

Tanvir AnsariTanvir Ansari

Sir,

 

This is what I already implemented, but it is very bad solution to give to any partner.

 

Regards,

Tanvir Ansari