Managing Vault CRM User Security Policies in Align

Security policies in Vault CRM control various session and security settings for Vault CRM users, including Customer SSO policies, password expiration durations, and more. While Vault CRM provides standard security policies used by default, custom security policies can be created in Vault CRM, imported into Align, and assigned to the appropriate functional profiles or individual roster members, enabling admins to avoid defining security profiles in both systems.

Configuring Managing Vault CRM User Security Policies in Align

To configure this feature:

  1. Grant the following permissions:

    Object Object Permission Object Types Fields Field Permission
    crm_security_policy__aln CRED All All Edit

    functional_profile__aln

    CRED

    All

    crm_security_policy__aln

    Edit
    roster_member__aln CRED All
    • crm_security_policy_override__aln
    • crm_imported_security_policy__aln
    		 Edit
  2. Add the crm_security_policy__aln field to the appropriate functional_profile__aln layouts.

  3. Add the following fields to the appropriate roster_member_aln layouts:

    • crm_security_policy_override__aln
    • crm_imported_security_policy__aln
  4. Ensure the crm_security_policy_override__aln field has an active outbound field mapping in the integration with Vault CRM.

Importing Vault CRM Security Policies

When the next import from Vault CRM occurs, active security_policy__sys records in Vault CRM import as crm_security_policy__aln records in Align with the following properties:

  • name__v = The value of the name__v field from the corresponding security_policy__sys record
  • status__v = active__v
  • crm_security_policy_status__aln = active__v
  • vault_crm_instance__aln – References the Vault CRM instance the import occurred from
  • vault_crm_record_id__aln = The value of the id field from the corresponding security_policy__sys record

Assigning Security Policies to Functional Profiles

Once security_policy__sys records have imported as crm_security_policy__aln records, admins can assign a security policy to multiple users at once using functional profiles:

  1. Edit the appropriate functional_profile__aln record.
  2. Use the CRM Security Policy field to search for and select the appropriate crm_security_policy__aln record.
  3. Select Save.

If a security policy associated with one or more functional profiles in Align is deleted in Vault CRM, the corresponding crm_security_policy__aln record in Align is not deleted during the next import from CRM. Instead, an error displays in the import log informing admins that the crm_security_policy__aln record must first be disassociated from all functional profiles.

Manually Overriding a Roster Member's Security Policy

By default, individual roster members' associated security policy is inherited from their associated functional profile. However, admins can override this functionality with a specific security policy per roster_member__aln record.

Roster members must be designated as Align-mastered in order to manually override their security policy.

To override a roster member's security policy:

  1. Edit the appropriate roster_member__aln record.
  2. Use the crm_security_policy_override__aln field to search for and select the appropriate security policy.
  3. Select Save.
  4. Push to CRM.