Version 9.0 API Changes

User API Changes

In the User object, role_id field has been removed, and the accessProfileId field has been added. In addition, the custom_security_question and security_answer fields are provided.

Learn more: REST user Resource

Role API Changes

Global and administrative permissions are now specified in Access Profiles, rather than in Roles. Inconsequence:

• The REST Role resource no longer contains globally_manage_permission, web_tabs_access_permission, or administrative permissions sections.
• The Role object still contains permissions for self-owned records and team-owned records, but they are no longer wrapped in an individually_manage_permission tag.
• In the Java API, the RoleBean no longer contains an AdministrativePermissionsBean, or a method to access it.

Learn more: REST role Resource, Java [RoleBean]

New Access Profile APIs

The new Access Profile object specifies global and administrative permissions. Using the Java APIs, it is accessed like any other object (objectId = ACCESSPROFILE).

Learn more: REST accessProfile Resource

New Application Access APIs

The Application Access object specifies users who can access an application, and the roles they can assume. Using the Java APIs, it is accessed like any other object (objectId = APPLICATION_ACCESS).

Developers who previously used the REST user_team resource to manage use Roles will now do so using the applicationAccess resource.

Learn more: REST applicationAccess Resource

Field Metadata Changes

For Lookup fields, the REST field Resource contains a new parameter, includeAllObjects. It identifies lookup fields that are allowed to target any object.

Learn more: REST Multi Object Lookup example