How to Control Access to Objects in Salesforce

by | Nov 26, 2022 | Salesforce, Salesforce Admin


The easiest way to control data access in Salesforce would be to set permissions on a specific object type. We can restrict specific groups of Users from viewing, editing, creating, or deleting any record of that object.

Object permissions can be managed using either Profiles or Permission Sets.

  • Use Profiles to grant the bare minimum access required by a particular group of Users. A User’s Profile determines what data the User can access and what they can do with it.
  • Use Permission Sets to grant additional access or permissions.

Profiles and Permission Sets work in conjunction to protect your org data from unauthorized access. They provide a great deal of flexibility regarding object-level access in Salesforce.

Use Profiles to Restrict Access

Every User in Salesforce is assigned a single Profile which determines the data and features they can access within the org. A Profile is a combination of settings and permissions. The settings decide which data the User can view, and the permissions determine what the User can do with the data.


1. Standard Profiles

Salesforce includes a collection of standard profiles. Including, but not limited to :

  • Chatter Free User
  • – Free User
  • Standard User
  • System Administrator

Each standard Profile includes a set of default permissions that cannot be modified. To modify the permissions of a standard profile, we can create a clone of the standard Profile and make changes to the clone. And, voila, you have your custom profile based on your requirements.

2. Managing Profiles

Managing Profiles is child’s play once you get the hang of it. The Profile Overview page is where we can get started.

Open Setup, type Profiles in the Quick Find Box, and click Profiles. You should be directed to a page similar to this!

Table Description automatically generated

3. Create a Profile

The simplest way to go about when creating a new profile would be to clone an existing profile and then modify it.

Before we move forward, let’s enable the Enhanced Profile User Interface. The Enhanced Profile UI provides a streamlined experience for managing profiles. From Setup, enter User Management Settings in the Quick Find Box, then select User Management Settings. Enable Enhanced Profile User Interface.

  1. From Setup, type Profiles in the Quick Find Box, and click Profiles.
  2. Click Clone next to the Profile closest to the one you want to create.
  3. Give the new Profile a name, and click Save.

4. Assign a Profile

Let’s assign the Profile we created to a User that matches the Profile. Ensure that Enhanced Profile User Interface is enabled. It makes things way easier. Trust me on this.

  1. From Setup, type Users in the Quick Find Box, and click Users.
  2. Click edit next to the User you want to assign the Profile to.
  3. From the Profile dropdown menu, select the Profile you want to assign.
  4. Click Save.

Use Permission Sets to Grant Access

Why use Permission Sets to grant additional access when we can modify the custom profile to do the same? Permission Sets enable us to grant additional access without changing the Profile! Let me explain.

  • Giving and taking away access is just a click away.
  • A User has a single Profile but multiple Permission Sets.
  • Granting temporary access to certain org data or objects is a cakewalk now.
  • Permission sets are reusable.

Graphical user interface, text Description automatically generated

1. Manage Permission Sets

Just as with the Profile Overview page, a Permission Set’s Overview page is the doorway for everything related to permission sets.

  1. Open Setup, type Permission Sets in the Quick Find Box and click Permission Sets.
  2. Click on the Permission Set you want to inspect, and you should be directed to a page similar to the one below.

2. Create a Permission Set

Creating a permission set to grant additional permission to our Users is relatively easy. Follow along to create a permission set.

  1. From Setup, type Permission Sets in the Quick Find Box, and click Permission Sets.
  2. Click Clone next to the permission set you want to create a copy of.
  3. Enter a Label and a Description.
  4. Click Save.

3. Assign a Permission Set

Let’s assign the permission set we just cloned to applicable Users in our org.

  1. Type Permission Sets in the Quick Find Box from Setup, and click Permission Sets.
  2. Click the Permission Set you want to assign.
  3. Click Manage Assignments.
  4. Click Add Assignments.
  5. Select all the Users you want to assign this permission set to, click Next, then click Assign.
  6. Click Done to view the current assignments for the permission set.




Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.