7

Permission Sets in Salesforce

You must be aware of the object-level security in Salesforce. Permission set groups are an integral part of Salesforce settings. These are simply permissions meant for the users. It helps the administrator control what permissions are given to each profile.

Permission sets can be created to grant access to a specific job or task, regardless of the primary job function or title of the users they’re assigned to. Read along to understand the uses and creation process for permission sets in Salesforce.

What is Permission Sets in Salesforce (Object Level Security)?

Permission sets in Salesforce are a collection of settings and permissions that determine user access to various platform tools and functions. The settings and permissions available in permission sets are also found in profiles. Still, permission sets extend the functionality of users without changing their profiles.

You can use the permission set group in Salesforce to grant additional access to specific users on top of their existing profile permissions. There is no requirement to modify the current profile, create new profiles, or give an administrator profile where necessary.

Permission Set Control

  1. Object Permission
  2. Field Permission
  3. User Permission
  4. Tab Settings
  5. App Settings
  6. Apex class access
  7. Visualforce Page Access

Use of Permission Sets in Salesforce

Permissions are additive, so we can’t remove a user’s existing permissions by assigning a permission set. We can only add permissions. To limit access for a user or group, ensure that their base profile and permission sets restrict this type of access. It is not mandatory to give the license to the permission sets while creating it, but once the permit is assigned, it cannot be changed.

There are a couple of ways to use the Permission Set in Salesforce:

  1. To grant access to custom objects or entire apps.
  2. To consent permissions-temporarily or long-term time-specific fields

Permission Sets Expiration In Salesforce 

Set assignment expiration dates and assign permissions to users that expire via permission sets. You can specify the expiration date with one day, seven days, 30 days, 60 days, and a custom date from the permission set assignment.

Types of Permission Sets in Salesforce

Depending on what you and your users want to do, various types of permission sets are available in Salesforce. You can also use a combination of permission sets when administering your Salesforce org.

Salesforce offers the following permission set options.

Custom Permission Set

These sets are created by administrators based on the tasks that users perform. 

Use case: Users who perform the same tasks have different personas or roles. For example, users who create and edit contracts are sometimes in separate departments. You can create a permission set for the tasks and then include them in appropriate permission set groups based on their personas.

Integration Permission Set

Salesforce offers integration permission set for specific integrations to modify only a particular permission type by your organization. The editability is based on the straightforward integration’s use case. 

Use case: You connect to the cloud to exchange data with integration partners. Integration permission sets define the scope of data access by Salesforce integration-related features and services. Depending on the integration features, integration permission sets can:

  • Be predefined by Salesforce but aren’t editable by your org.
  • Have no initial permissions and are fully controlled by your organization.
  • It comes with on-premises permissions but can be modified by you.

Managed Permission Set

These are typically installed from a managed package and have the package namespace.

Use case: Package developers include entitlements to access features in a managed package. Permissions in these sets aren’t editable by subscriber organizations.

Session-Based Permission Set

Allows functional access only during a predefined session type. 

Use case: You can limit access to functionality for more security or, sometimes, restrict access to equipment to users in specific roles.

Standard Permission Set

The standard permission set Includes common permissions for a feature associated with a permission set license. 

Use case: Using standard instead of custom permission sets saves time and facilitates administration. Users who require permissions for a permission set license can use standard permission sets.

Salesforce-Expert-Trainer-CTA-1

How to Create Permission Sets in Salesforce?

Here is how you can create a permission set step-by-step in a Salesforce org

  1. From Setup, in the Quick Find box, enter Permission Sets, and then select Permission Sets.
  2. Click New.
  3. Enter your permission set information.
  4. Select the types of users for the permission set. Select a specific user or permission-set license. Or, if users with different licenses are assigned the permission set, select None.
  5. Add the required permissions and settings to the permission set. For more information, see Configure Permissions and Access in Permission Sets in Salesforce Help.

Difference Between Profile And Permission Sets

ProfilePermission Sets
Profiles have the most restrictive settings and permission a user assigned to this profile should have.Permission Sets extend the access settings and permissions provided by the profile.
A user can have only one profile assigned.Users can have more than one permission set.
Profiles are restrictive.Permission sets are additive.
Every user must be assigned a profile.Every user doesn’t need to have a permission set.
Next Topic

Need more support?

Get a head start with our FREE study notes!

Learn more and get all the answers you need at zero cost. Improve your skills using our detailed notes prepared by industry experts to help you excel.

ServiceNow Stripe