Salesforce Dictionary - Free Salesforce GlossarySalesforce Dictionary
Full Permission Set entry
How-to guide

How to set up Permission Set in Salesforce

Permission Sets grant *additional* permissions on top of a user's profile — they only add, never subtract. Modern Salesforce strongly favors permission sets over profile-based permissions because they're composable and easier to audit.

By Dipojjal Chakrabarti · Editor, Salesforce DictionaryLast updated Apr 20, 2026

Permission Sets grant *additional* permissions on top of a user's profile — they only add, never subtract. Modern Salesforce strongly favors permission sets over profile-based permissions because they're composable and easier to audit.

  1. Open Setup → Permission Sets

    Top-right gear icon → Setup → quick-find "Permission Sets" → click the result.

  2. Click New

    Top-right of the list.

  3. Set Label, API Name, and License

    Label and API Name are the human and machine names. License = "--None--" for max flexibility (any user can be assigned); a specific license restricts assignment to users with that license.

  4. Save and configure permissions

    After Save, you land on the permission set's detail page. Click into Object Settings, Field Permissions, System Permissions, App Permissions, and Apex Class Access to grant each.

  5. Manage Assignments

    From the permission set's detail page, click Manage Assignments → Add Assignment → pick users → Assign. Without this step, the permission set exists but does nothing.

  6. (Optional) Bundle into a Permission Set Group

    For groups of users who need the same permission sets, build a Permission Set Group instead of assigning individually.

Key options
Licenseremember

"--None--" lets you assign to any user. A specific license (Salesforce, Salesforce Platform, etc.) restricts who can be assigned. Pick "--None--" unless the permission set is license-specific.

Object Settingsremember

Per-object Read/Create/Edit/Delete + per-field Read/Edit. The bulk of what permission sets are for.

System Permissionsremember

Org-wide toggles like "View All Data", "Modify All Data", "Customize Application". Grant sparingly — these bypass sharing.

Session Settingsremember

Optional: require certain login conditions (e.g., HIGH_ASSURANCE) for users assigned this permission set. Off by default.

Gotchas
  • Creating a permission set does nothing on its own — assignment is a separate step. The #1 "my user can't see X" ticket is forgotten assignment.
  • Permission sets only ADD. If a user's profile is too restrictive (e.g., no Read on a field), no permission set can hide that field — they can only grant access, not revoke.
  • License field is locked after Save. Pick carefully — to change it, you must delete and recreate the permission set.

See the full Permission Set entry

Permission Set includes the definition, worked example, deep dive, related terms, and a quiz.