If you are an administrator of a Salesforce Marketing Cloud instance, you probably received an email notification recently with the ominous subject line “ACTION MAY BE REQUIRED: Changes to REST API Permissions”.
Security is always top priority at Salesforce and as part of their commitment to it, they are improving the permission management for many Marketing Cloud REST API routes.
If you are a Marketing Cloud admin, review your user permissions before April 1, 2019. Some users and integrations accessing Marketing Cloud via the API may have restricted permissions, which could affect how integrations continue to function after April 1, 2019.
If you don’t know where to start, Salesforce has created a custom report to help ensure that your users and integrations will have the correct permissions when accessing the Marketing Cloud.
What actions do you need to take?
Firstly, check out the new Permission Adjustment report, and ensure all those permissions are configured properly, and do it as soon as possible.
To prepare for the REST API permissions update, please follow the steps below:
– Run the Permission Adjustments Report: Run the report to determine which users and integrations may be impacted by the permissions update. Follow the instructions in the Developer Documentation.
– Update Permissions for Users and Applications: Update your permissions based on the information reviewed in the report by following the steps outlined in the “Update the REST API User Permissions” article.
– Confirm Updated Permissions: To confirm, make the same API calls again and then rerun the report. It may take up to 24 hours for details to appear in the report. For more information, follow the instructions in the “Confirm your REST API permissions” article.
If no action is taken, some users and integrations may have restricted permissions within Marketing Cloud after the change occurs on April 1, 2019. This could result in API calls failing for integrations, so start getting ready now to avoid errors when the new system is implemented.