Salesforce Control Access Records - Salesforce

What is Salesforce Control Access Records?

In this section, we will study about the Control Access Records in Salesforce. Several times, beyond the access limit for the objects and fields, we similarly need to restrict access to few records of an object. This requires setting up of access restriction for a user based on the values in the records.

Record Ownership

An exclusive feature of Salesforce is the ownership of each stored record. Every record in every object has a field which scripts the ownership of that record. A user who wants access to this record becomes part of the profile which is same as the profile of the owner of that record.

Restriction Mechanism

Access is approved at multiple levels like Object, Field and Records. Struggles might come up between the access levels. There might be a read access on a record but the object covering it might not have read access for a user. In such case, the access type which is more limiting (gives less access) will be applied. Thus, a record without access permission will persist unreachable even when the object covering it is nearby and an Object without access permissions will continue inaccessible even when it has some records to which the user has read access.

Record Sharing Mechanism

The Saleforce platform offers four distinct mechanisms to share the records of an object with the users.

  • Organization-wide defaults
  • Manual sharing
  • Role hierarchies
  • Sharing rules

Organization-wide defaults

In this mechanism, a nominal access level is formed and decided to all the users. Thus, every user who is part of the organization, gets admission to these records. Formerly, the access for additional records is modified by clubbing the users into role hierarchies, sharing rules and also through manual sharing with each of the user.

There are four kinds of sharing models which implement the organization-wide default settings.


Settings & Result


Public Read/Write

All users can view, edit, and report on all records.


Public Read Only

All operators can view and report on records but not edit them. Only the owner, and users above that role in the hierarchy, can edit those records.



Only the record owner, and users above that role in the hierarchy, can view, edit, and report on those records.


Controlled by Parent

A user can perform an action (such as view, edit, or delete) on a contact based on whether he or she can perform that same action on the record associated with it.

Manual Sharing

In this access model, the record holders give the read and edit permissions to exact users. Thus, it is a manual process in which individual or group of records are held by the record owners. This is to be done for each user profile that wants the access.

In our subsequent episodes, we will converse role hierarchies and sharing rules.

All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd Protection Status

Salesforce Topics