IT Hub

Field-Level Security in Salesforce: All You Need To Know

Reco Security Experts
April 19, 2024
May 3, 2024
4 min read

Security is an integral feature of Salesforce. There is a security architecture for every level of access in Salesforce - whether you want to gain access to the org, an object, a field, or even a record! In this article, we will look into everything you need to know about Field-Level security in Salesforce.

In basic terms, Field-Level security refers to determining whether a user can see, edit, or delete a value for a particular field. There are various ways to approach Field-Level security in Salesforce, and permission sets or profiles should do the trick. Interested in learning how to set access to fields based on user type?

Here's a Little Scenario to Help You Understand Better

Close your eyes and imagine a mansion with 200 rooms. Each room has its own specifications and requirements - which means that while everyone may have access to the mansion, anyone who wants to enter a room must first meet the room’s specifications and requirements.

Let’s break this down to Salesforce terminologies - The mansion is the object, and the fields are the rooms. How do you ensure that certain users only see fields that are relevant to them based on the kind of user they are? It’s through Field-Level security.

What is Field-Level Security in Salesforce?

As a Salesforce administrator, sometimes, you have to configure the Salesforce platform in a way that gives users access to objects (mansions) but not to specific fields (rooms). This is primarily what Field-Level security in Salesforce does. There are two major ways to create field-level security - profiles and permission sets.

On the basic level, field-level security can be set on the “STEP 3” of creating a field. Remember the steps in creating a field?

  • Step 1. Choose the field type
  • Step 2. Enter the details
  • Step 3. Establish field-level security
  • Step 4. Add to page layouts‍

After creating a new field, you can give visibility access to any users (through their profile) by checking the “Visible” box in front of their profile. So, if you want to give a user with the “Analytics Cloud Integration User” profile access to see the “Test Field”, you can do that by checking the “Visible” box in front of their profile. What’s more? You can limit their engagement with the field by giving them a “Read Only” permission. A “Read Only” permission gives the user only one option - to read. They cannot edit the content of the field.

Establish Field-Level Security from the Profile/Permission Set

1) Access profile or permission set from the set-up feature in Salesforce. To do this, you have to type Profile in the Quick Find box in set-up.

2) If you are using a permission set, you need to first create the permission set. Then, you can proceed with the instructions below.

3) From the list view, choose the profile you intend to establish your Field-Level security on

4) Scroll down to the Field-Level Security section and select “view” beside the object or field on which you want to establish Field-Level Security.

5) Select the edit button at the top of the field page next to the field on which you want to establish permissions. You will see a dropdown menu of permissions you can grant. From the screenshot below: READ ACCESS, EDIT ACCESS

6) Set your desired access level for each field, click “Save” and you are done!

7) If you are using a permission set, don’t forget to click “add assignment” and assign the permission set to the right users.

Key Points to Note

  • You can set up Field-Level via profile, permission set and on the third step of creating a field.
  • Read Access: Users can view the field value but cannot edit it.
  • Edit Access: Users can view and edit, or modify the field value.

Best Practices for Field-Level Security in Salesforce

Enable the “Field-Level Security for Permission Sets during Field Creation” in the User Management Settings in your set-up. When this option is enabled, you can configure access to a new field for permission sets instead of profiles.

Check Out This Video Demo to Learn More About Field-Level Security in Salesforce

Explore More
See more articles from our Hub