To perform backup and restore operations, Veeam Backup for Salesforce requires the following permissions to be provided.
Salesforce API Integration
Veeam Backup for Salesforce requires a Standard User with the Salesforce license type to connect to a Salesforce organization to perform backup and restore operations for Salesforce resources. Note that free Salesforce Integration Users cannot perform backup and restore operations.
The user whose credentials are used to authorize the connection must be assigned full permissions required to read and modify data:
For sandboxes, any managed application needs to be enabled and license provided to the user. For example, High Velocity Sales requires application activation.
Salesforce Connected App
Secure and encrypted connection to Salesforce is established using the Connected App tokens. The Connected App must be assigned the following OAuth scopes:
The latter option applies only if you use Salesforce as an identity provider.
Veeam Backup for Salesforce Components
PostgreSQL Database User
Veeam Backup for Salesforce creates databases and database schemas to store Salesforce data and metadata. Therefore, the database user must be granted permissions to create schemas and databases.
Note: If you do not grant the user permissions to create databases, you will have to manually create databases on PostgreSQL servers first, and then add databases to Veeam Backup for Salesforce as described in section Adding Databases, before you create any backup policies.