Definition
Permission Set Groups is a Setup page where administrators create and manage groups of permission sets that are assigned together as a bundle. This simplifies access management by combining multiple related permission sets into a single assignable unit, ensuring users get all the permissions they need for a specific role or function.
Real-World Example
The admin at Apex Dynamics creates a Permission Set Group called "Sales Representative" that bundles four permission sets: CRM Access, Report Builder, Email Integration, and Mobile Access. Instead of assigning each permission set individually to every new sales hire, she assigns the single group, ensuring consistent access and saving time during onboarding.
Why Permission Set Groups Matters
Permission Set Groups is the Setup page in Salesforce where administrators create, view, edit, and manage all Permission Set Groups in the org. This is the administrative hub for the Permission Set Group feature — while a Permission Set Group is a single bundle, the Permission Set Groups page lists all groups, shows their member Permission Sets and Muting Permission Sets, and provides the interface for creating new groups or modifying existing ones. Administrators use this page to maintain an organized access management system, ensuring each functional role in the organization has a corresponding group that can be assigned with a single action.
As organizations adopt Permission Set Groups as their primary access management model, the Permission Set Groups Setup page becomes the central control point for security governance. Admins need to regularly review this page to ensure groups stay aligned with organizational changes — new roles are created, existing roles are modified, and compliance requirements evolve. Without regular maintenance, Permission Set Groups drift from reality: groups contain outdated Permission Sets, new capabilities aren't added to relevant groups, and orphaned groups remain for roles that no longer exist. Best practice is to treat the Permission Set Groups page as a living document of your security model, reviewing it quarterly in coordination with HR and compliance stakeholders. The page also provides visibility into the Muting Permission Sets within each group, which is critical for understanding the net effective permissions a user actually receives.
How Organizations Use Permission Set Groups
- Apex Dynamics — The admin at Apex Dynamics opens the Permission Set Groups page and creates a 'Sales Representative' group bundling CRM Access, Report Builder, Email Integration, and Mobile Access Permission Sets. Instead of assigning four sets individually during onboarding, she assigns the single group. When a fifth set (Social Selling) is needed, she adds it to the group and all 75 existing Sales Reps automatically gain the new permission.
- Redwood Consulting — Redwood Consulting's admin conducts a quarterly review on the Permission Set Groups page and discovers three orphaned groups for roles that were reorganized six months ago. He removes the obsolete groups and updates two active groups to reflect new compliance requirements, ensuring the page accurately represents the current organizational access model.
- BrightStar Technologies — BrightStar Technologies' compliance officer audits the Permission Set Groups page before their SOC 2 assessment. She reviews each group's member Permission Sets and Muting Sets, verifies that sensitive permissions are properly muted in non-admin groups, and documents the complete access model. The auditor commended the organized group structure as evidence of mature access control practices.