For Your IT Team

No setup required in your Salesforce org

Permission & FLS Audit requires zero configuration in Salesforce. There is no package to install, no Connected App to create, and no settings to change.

No Connected App installation

This tool does not use Salesforce OAuth and does not require a Connected App. It authenticates using the user's existing browser session — the same session cookie (sid) that Salesforce sets when the user logs in normally.

No IP whitelist required

The tool makes outbound HTTPS calls from our server to your Salesforce instance URL on port 443. No inbound firewall rules, IP whitelisting, or network changes are required on your side.

How authentication works

When a user clicks the bookmarklet on a Salesforce page, the tool reads the active Salesforce browser session and submits it securely to our server, which uses it to call the Salesforce APIs on behalf of the user.

The session is stored in a signed server-side cookie and is never written to our database.

Required Salesforce permissions

The user's Salesforce account must have:

System Administrator profiles satisfy all of these. Other profiles will need the permissions above added explicitly.

Supported Salesforce editions

Professional Edition (API access required), Enterprise, Unlimited, Developer, and Sandboxes.

Session lifetime

The tool inherits the Salesforce session lifetime (default: ~2 hours). When the session expires, users are redirected to reconnect — there is no persistent or background access.

Data boundary

KeelCadence is not a Salesforce data export tool. It reviews metadata, configuration, permission structures, and aggregate counts where needed for diagnostic scoring. It does not export customer records, files, attachments, emails, Chatter content, or transactional data. The report maps access configuration, profiles, permission sets, object permissions, and field-level security — not the underlying field values users may have access to.

Data handling summary

Does KeelCadence export Salesforce records or files?

No. KeelCadence does not export customer records, files, attachments, emails, Chatter content, or transactional data. The reports are based on Salesforce metadata, configuration, permission structures, and aggregate counts where needed for diagnostic scoring.

Questions?

Email security@keelcadence.com for IT-related enquiries.