When configuring user permissions in Salesforce, following Salesforce best practices is crucial to ensuring data security while enabling users to perform their tasks effectively. Organizations should use profiles, permission sets, role hierarchies, and sharing rules to grant appropriate access levels, adhering to the principle of least privilege to prevent unnecessary exposure of data.
Quick reference: Salesforce best practices
Configuring Temporary elevated permissions for document generation in Experience Cloud
For Experience Cloud use cases that can’t be met through Salesforce permissions recommendations, temporary elevated permissions may be necessary. The S-Docs managed package provides flexible options to facilitate document generation workflows while still maintaining security controls. However, it is ultimately the responsibility of the Salesforce org administrator to properly configure user access when feasible. This ensures that data used within any document workflow is appropriately secured and does not unintentionally expose sensitive information.
System Mode configuration option
Configuring a temporary elevated permission for document generation is as simple as enabling a checkbox in the LWC or any of the SDK Generation Invocable Actions (Generate Document, Generate Document with User Input, and S-Docs Send Email).
Configuration for S-Docs Lighting Web Component (LWC)
Learn how to set up the S-Docs Lightning Web Components (LWCs) for guest user generation use cases in Experience Cloud.
In the demo above, we have a Digital Experience site being constructed in Experience Builder. This page includes the two S-Docs LWCs that Guest Users will use to generate various documentation.
Follow these steps to enable the Generate Documents LWC for guest user generation:
- Click on the LWC to activate the configuration panel.
- Click the check box labeled System Mode Generation (Experience Cloud).
- The Generated Documents LWC follows the same path to configure for guest user access. Start by clicking on the component in the interface to launch the configuration options.
- Then, select the checkbox to give guest users the ability to use the functionality of this LWC.
The S-Docs LWCs are now ready for action!
Configuration for S-Docs SDK generation methods
The system mode configuration option remains visible in the flow builder experience, regardless of context, however when enabled, the setting will only be executable in experience cloud workflows. To configure, toggle on the System Mode Generation (Experience Cloud) option in any of the S-Docs invocable actions listed above and add the value of True to the value input field.
Enable this setting to allow unauthenticated or logged in guest users to generate documents with S-Docs. Attempting to run system mode in a flow operating within an internal org context will result in a failure to generate.