The following are known issues and limitations with Salesforce Communities user provisioning.
Attributes
- The provisioner cannot clear user attributes after they have been set.
- Multi-attribute values are not supported.
Deprovisioning
- When deprovisioning a Salesforce customer or partner user, the provisioning connector does not unlink the user from the associated contact.
- If a customer or partner user is unlinked in Salesforce from the associated contact, any changes to the user in the data store causes the provisioning connector to create a new user in Salesforce and link it to the existing contact.
- Guest users in Salesforce cannot be frozen. If Freeze Users instead of Disable is selected in your provisioning options, the guest user will not be disabled or frozen.
Refresh tokens
- Refresh token policy must be set to Refresh token is valid until revoked for OAuth because expiring refresh tokens are not supported.
Salesforce Communities
- The provisioner can link users to
customer
andpartner
business accounts, but notperson
accounts. For more information, see the Accounts page in the Salesforce documentation.
Group provisioning
- Syncing memberships is not supported for Salesforce Community. Admins can set up group provisioning on Salesforce communities to sync only groups from PingOne.