Have you been trying to figure out how to prevent and grant access to parts of your Salesforce System? You may have come across the term “Permission Sets”. What are Permission Sets and how do you…well…set them?

A Permission Set is a collection of settings and permissions that give users access to various aspects of Salesforce.  The permissions bundled this way allow you to grant a user that collection of permissions without having to manually specify the same privileges to every user as you would do when using a profile. By centralizing these privileges, you can also make changes to the Permission Set and it will be mirrored by all the users who are assigned to it.

These Permissions can include:

  • Assigned Apps
    • Settings that specify which apps are visible in the app menu
  • Assigned Connected Apps
    • Settings that specify which connected apps are visible in the app menu
  • Object Settings
    • Permissions to access objects and fields, and settings such as tab availability
  • Apex Class Access
    • Permissions to execute Apex classes
  • Visualforce Page Access
    • Permissions to execute Visualforce pages
  • System Access
    • Settings that apply across all apps, such as record and user management
  • System Permissions
    • Permissions to perform actions that apply across apps, such as "Modify All Data"
  • App Permissions
    • Permissions to perform app-specific actions, such as "Manage Call Centers"

You can adjust some of these same privileges with “Profiles”, true, but a user can only possess one profile. Users can however hold multiple Permission Sets allowing a person to have more or less access than everyone in that Profile.

For example, a Sales profile for members of your team allows all of these users to enter Leads and create Invoices for the Accounting department. Perhaps you want to restrict new sales employees, who are assigned to the sales profile, to only enter leads, but not modify ones they did not created. Or perhaps you want to enforce that Supervisors need to approve an Invoice before Accounting is notified. This can be done with Permission sets while still keeping all these users under the same Sales profile.

Another example might be in the case of project management. Lets say there are three projects with three separate teams conducting research. Each researcher needs the same access rights, but only related to the project they are working on. By putting these restrictions in a Permission set you can separate who can see what. If one team is nearing a deadline, you could pull members from another team to help by granting them the additional permission set. When crunch time has passed, you can revoke the permission set and they can go back to their own project with ease.

If you would like more information on Set Permissions, including help creating ones tailored to the roles of your company, Stratus Hub is happy to assist you.

Want to know more about Salesforce?

Join our mailing list and we will share what we know with you. (But we won't share your email with anybody else).

Have Questions? Leave a comment below. We will get back to you with an answer.

Know someone else who might benefit from knowing what we know? Please share us with your friends.