Can I use Sharing Rules to restrict record visibility?


You are considering Sharing Rules as a workaround to ensure Connect can only synchronize a subset of data.


This approach is unsupported as it can cause mappings to become out of sync and can have an adverse impact on performance.

Sharing Rules don't provide any form of notification mechanism when records move in or out of scope, potentially causing them to be orphaned in your database or Salesforce. For example, Heroku Connect syncs a record that later moves out of the scope of the Sharing Rule. Connect no longer has access to it via the Salesforce APIs, but it still exists in the database.

Heroku Connect performs best with "View All" permissions on each mapped object. This permission removes the need for Salesforce APIs to carry out permissions checks on each record being accessed. Removing this permission from the integration user in order to use Sharing Rules can have drastic performance implications when querying and updating data in your Salesforce org.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support