Newer Version Available

This content describes an older version of this product. View Latest

Field-Level Security

Field-level security settings let you restrict users' access to view and edit specific fields.
Available in: Salesforce Classic (not available in all orgs) and Lightning Experience
Available in: Professional, Enterprise, Performance, Unlimited, Developer, and Database.com Editions

Watch how you can restrict access to specific fields using permission sets.

Your Salesforce org contains lots of data, but you probably don’t want every field accessible to everyone. For example, your payroll manager probably wants to keep salary fields accessible only to select employees. You can restrict user access in:

  • Detail and edit pages
  • Related lists
  • List views
  • Reports
  • Connect Offline
  • Email and mail merge templates
  • Custom links
  • The partner portal
  • The Salesforce Customer Portal
  • Synchronized data
  • Imported data

Page layouts and field-level security settings determine which fields a user sees. The most restrictive field access settings of the two always applies. For example, you can have a field that’s required in a page layout but is read-only in the field-level security settings. The field-level security overrides the page layout, so the field remains read-only.

You can define field-level security in either of these ways.

After setting field-level security, you can:

  • Organize the fields on detail and edit pages by creating page layouts.

    Use field-level security to restrict users' access to fields, and then use page layouts to organize detail and edit pages within tabs. This approach reduces the number of page layouts for you to maintain.

    Tip

  • Verify users' access to fields by checking field accessibility.
  • Customize search layouts to set the fields that appear in search results, in lookup dialog search results, and in the key lists on tab home pages. To hide a field that's not protected by field-level security, omit it from the layout.

Roll-up summary and formula fields are read-only on detail pages and not available on edit pages. They can also be visible to users even though they reference fields that your users can’t see. Einstein Insights can also be visible to the user even though the insight references fields that your users can’t see. Universally required fields appear on edit pages regardless of field-level security.

The relationship group wizard allows you to create and edit relationship groups regardless of field-level security.

Note