Field Level Security

 

Overview

Field Level Security, FLS, is a security feature within Salesforce that defines access at a read/write level to any particular field.

 

How Is Field Level Security Used?

 

FLS is used to determine access to a particular field at a read/write level. This is carried out on profiles. Utilizing other tools in salesforce you can continue to expand upon the base profile definition of access.

Permission sets allow you to add more field access to particular users on a case by case basis. Dynamic Pages will allow for you to hide/show field depending on the scenario you define.

 

What is the Benefit?

 

Security

When we think about things like Data Feeds and Integrations, Field Level Security is crucial in ensuring a sustainable and secure design for your Salesforce system.

By allowing an integration to only read/write the bare minimum in which it needs access to you add security and reduce the risk for bad master data management.

FLS allows you to do this without having to create multiple page layouts, and hidden reports.

 

Common Use Cases of Field Level Security

Use Case Roles Scenario Outcome
Profile Settings Admins Define Access
  • Utilize Field Level Security to grant Read and Edit rights to fields across objects
  • Define per profile to limit access as needed
Custom Permissions Admins Enhanced Access
  • Based on additional access needed for specific users, add Field Level Security to permission sets to grant additional access

 

 

Common Challenges

 

#1 – Users can’t see field even though they have access through profile or permission set

 

Resolution

On the screen or component, verify the field is visible. If so, verify the assigned record page or layout is exposed to the correct profiles/users/record type.

 

#2 – User can edit a field but the value is being replaced on Save

 

Resolution

There is automation impacting the field being edited. Try utilizing the “where is this used” button on the field detail in the Object editor and modify the automation referencing the field.

 

 

Who is Impacted?

 

Salesforce Users

FLS determines what fields users can see and edit. Ensuring they can edit what is required and are protected from editing things they should not.

 

Integrations

Be it Mulesoft, DBAmp, SQLServer or any other integration options FLS allows Administrators to make sure fields that should NOT be exposed to the API are not (and vice versa). This is also true for fields that should or should not be editable.

 

Salesforce Administrators

FLS gives furthers administrators control over the environment, by providing granular control over who can do what.

 

Related Terms

Back to Dictionary Index Page