IT Hub

Role vs Profile in Salesforce: Everything You Need To Know

Reco Security Experts
May 10, 2024
May 10, 2024

Salesforce can be configured in various ways to enhance an organization's security architecture. This article will examine two major security mechanisms in Salesforce and how they improve security and data management. The two mechanisms we will look at are Roles and Profiles.

The conflation between Roles and Profiles in Salesforce can be daunting for even Certified Administrators. It's a complex topic, but this article simplifies it for you. We aim to break down these two concepts and help you understand the differences between these crucial security mechanisms.

Here is a Little Scenario for Further Insight

Imagine you are a Salesforce administrator at a Consulting Firm. On a random Monday morning, a user from the sales team contacts you to ask you to “Set Johnny, the Head of Logistics, to System Administrator so they can access the relevant information they need.” Interesting! Of course, their intentions might be good, but guess what? It also underscores how technical it is for end users to comprehend Salesforce. However, this article will explain why this request is absurd and inherently wrong.

What is a Role Hierarchy in Salesforce?

Salesforce's role hierarchy is an instrument used to control data access and establish a simple and clear reporting structure in an org. For most organizations, the sales reps report to the Sales Manager, the Sales Manager reports to the CEO, and so on. These roles require various levels of access to data, which is what the Role Hierarchy in Salesforce aims to achieve.

Role Hierarchy is also a sharing-setting mechanism in Salesforce. By default,  roles higher up in the hierarchy can view records belonging to roles that report to them or are below them. So, from the example above, the CEO can automatically see records belonging to the Sales Manager and those below them. Similarly, the Sales Manager can view records belonging to the sales reps by default. To enable this, all you need to do is check the “Grant Access Using Hierarchies” box.

What is a Profile in Salesforce?

Simply put, a profile defines any user's default permissions in the org. While these permissions can be modified, it is important to know that every new user can only function to the level of the permissions they have on their profiles. There are two types of profiles: Standard and Custom.

Some configurations that can be carried out in the role hierarchy include:

  • Object-Level Permissions, i.e., CRED (Create, Read, Edit, Delete)
  • Field-Level Security
  • Access to tabs, apps, and other User Interface features.
  • App Permissions

Wondering How You Can Get Roles in Salesforce? Follow These Steps

  1. Navigate to the Set-Up ⚙️section of your org.
  2. Type “Roles” in the Quick Find box.
  3. On the page that appears when you click Roles, find the button that says “Set-Up Roles.”
  4. Next, choose the “Expand All” option to see the hierarchy in more detail. 
  5. Hover around the “Edit” option under any role you want to assign.
  6. Input your desired details.
  7. Finally, save.

Key Distinctions Between Role and Profiles in Salesforce

  • While Role Hierarchy and Profiles are sharing-setting tools, Roles are focused on record sharing and access, while Profiles do way beyond that (objects, apps, user interface, and field-level security)
  • Roles in Salesforce define an organization's reporting structure. A profile focuses on the permissions and abilities given to certain users in the organization.
  • When creating a new user, filling the Role field is not compulsory. However, a user cannot be created in Salesforce without a profile being assigned to them.

Best Practices for Handling Roles And Profiles in Salesforce

Roles and Profiles are interesting features of the Salesforce CRM tool. As a Salesforce Administrator, it is important to familiarize yourself with these two platform features and understand their similarities and differences. Understanding these features will inform your ability to regularly review certain organizational functionalities and align them with changing business requirements and security demands.


In conclusion, roles, and profiles work together to help build a robust security system in Salesforce. As a Salesforce administrator, you must understudy both aspects of the Salesforce platform and understand the similarities and differences to carry out your responsibilities effectively.

Explore More
See more articles from our Hub