Profiles & Permission Sets in Salesforce | Object Level Security(Read,Create,Edit & Delete)

Object Level Security:

We can prevent users or group of users editing,creating,viewing or deleting records of an object by setting permission on the object.

Two ways of setting object permissions

  1. Profiles

  2. Permission Sets


Profile is Collection of settings and permissions that determine which data and features user will have access to


Profile Controls

  1. Object Permission

  2. Field Permission

  3. User Permission

  4. Tab setting

  5. App Setting

  6. Apex Class Access

  7. Visualforce pages access

  8. Login Ip Ranges

  9. Record Types

  10. Page layout

  11. Login Hours


Types of Profile

We have 2 types of profiles Standard Profile and Custom Profile


Some of the default Standard Profiles

  • Standard User

  • Read Only

  • Marketing User,Contract Manager,Solution Manager ( Including Standard User permission this profile as additional access to certain access)

  • System Administrator(View All and Modified All)


why custom profiles? Object permission on Standard Profile cannot be edited

Custom Profiles

Can be made by Cloning the Standard profiles.

Every profile is based on user license type which determines features of salesforce users that will have access to.


Important Points on Profiles

  1. Every profile should have atleast one visible app.

  2. Tabs of objects to shown in App should have access to that object for that profile

  3. A profile can be assigned to many users but users can be assigned too only one single profile at a time.

  4. View all and modified all are not available for idea, articles type, pricebooks and products.

  5. To view object permission: View Setup and Configure.

  6. To edit object permission: Manage Profiles and Permission sets and Customize Application


Permission Set:

Collection of settings and permissions that determine which data and features user will have access to

But these are used to extend the access or grant additional access to users without modifying their profiles

Permissions are additive which means we can’t remove existing permission which they have through their profile by assigning a permission set less access. We can only add permission.

Permission sets Control:

  1. Object Permission

  2. Field Permission

  3. User Permission

  4. Tab setting

  5. App Setting

  6. Apex Class Access

  7. Visualforce pages access

Permission set are also based on license type but its not compulsory and once assigned it cannot be changed,

A user can be assigned to the multiple permission sets..

Important Points to Remember:

In the permission set we cannot control page layout assignments.


Difference between profile and permission set.


2 views0 comments

Recent Posts

See All

Salesforce Configuration Topics

CRM - Customer Relationship Management 1.             What is CRM(Customer Relationship Management)? 2.             CRM Basic entities 3.             Sub Modules of CRM 4.             Existing CRMs Sa

Governor Limits in Salesforce

Static Apex Limits Per transaction apex limits These limits are useful for counting every apex transaction. While we discuss batch apex, limits which are present for executing records batch are reacti

Daily Information | Daliylinx are related to General information, Technology, Salesforce, Newspapers, Telugu Newspapers, Pets, Cars etc

  • Facebook