Salesforce Dictionary - Free Salesforce GlossarySalesforce Dictionary
DictionaryPProfile
AdministrationIntermediate

Profile

A Salesforce configuration that defines a user's permissions, page layout assignments, field-level security, and app visibility, serving as the baseline set of access controls assigned to each user in the org.

Profile page for System Administrator showing app and object permission tabs, login hours, and assigned users.
Illustrative mock of the Profile page in Lightning Experience
§ 01

Definition

A Salesforce configuration that defines a user's permissions, page layout assignments, field-level security, and app visibility, serving as the baseline set of access controls assigned to each user in the org.

§ 02

In plain English

👋 Study buddy

A Profile is a Salesforce configuration that defines a user's permissions, page layouts, field-level security, and app visibility. Every user has one profile, and the profile is the baseline access control for what they can see and do.

§ 03

Worked example

scenario · real-world use

Brackenridge Capital's Salesforce admin assigns each user a Profile based on their role. The "Standard User" Profile gives most employees baseline access; the "Sales Manager" Profile adds Modify All Data on Opportunities; the "System Administrator" Profile gives complete access. Each Profile defines page-layout assignments, field-level security, app visibility, and record-type defaults. When a user is hired into the Sales Manager role, the admin assigns them the "Sales Manager" Profile, and they immediately inherit the right permissions. Profiles are the baseline access model; permission sets layer on top for finer-grained additions.

§ 04

Why Profile matters

A Profile in Salesforce is a configuration that defines a user's permissions, page layout assignments, field-level security, and app visibility, serving as the baseline set of access controls assigned to each user in the org. Every user must have exactly one profile, which determines their fundamental access. Permission sets can layer additional access on top of the profile baseline.

Profiles are foundational to Salesforce security and user experience. The profile determines what objects a user can access (CRUD permissions), which fields they can see (field-level security), what page layouts they get, what apps appear in their App Launcher, and dozens of other settings. Mature orgs design profiles thoughtfully, with clear naming conventions and minimal differences between similar profiles. Permission sets handle additional access for specific scenarios, keeping the profile count manageable.

§ 05

How to set up Profile

A Profile is the floor of a user's permissions — the License × Profile combination dictates what they can ever do, and Permission Sets only add to that floor. Modern best practice is to clone a Standard Profile and grant most permissions via Permission Sets, but you still need at least one Profile per user.

  1. Open Setup → Profiles

    Setup gear → Quick Find: Profiles → Profiles.

  2. Clone a Standard Profile (don't start from scratch)

    Pick the closest Standard Profile (Standard User, System Administrator, Read Only) → Clone. Naming convention: "<Team> - <Role>" e.g. "Sales - Account Executive".

  3. Set Name and License

    Name is the human label. License is **locked** after Save — pick the same License the users will hold (Salesforce, Salesforce Platform, etc.).

  4. Configure Object & Field Permissions

    Object Settings → per-object Read/Create/Edit/Delete + Field-Level Security. The bulk of profile work happens here.

  5. Configure Tab Settings

    Apps → which tabs are Default On / Default Off / Tab Hidden. Drives what shows up in the user's app launcher.

  6. Configure System Permissions

    View All Data, Modify All Data, Manage Users, Customize Application — grant sparingly. These bypass sharing and should live on Permission Sets where possible, not Profiles.

  7. Save and assign to users

    Save the profile. Assign by editing the User record → set Profile field. To switch profiles in bulk, use Mass Reassign or Data Loader.

Key options
Licenseremember

Locked at creation. Drives which Profiles are available to assign to a user.

Object Permissionsremember

Per-object Read / Create / Edit / Delete and Modify All / View All. The biggest lever.

Field-Level Securityremember

Per-field Visible / Read-Only. Profile FLS is the floor; Permission Sets can grant more.

Tab Settingsremember

Default On / Default Off / Tab Hidden per tab. Drives discoverability.

Login IP Rangesremember

Restrict logins to specific IPs. Useful for service-account profiles.

Login Hoursremember

Restrict logins to time windows. Rarely used — usually handled by Session Settings instead.

Gotchas
  • License is locked after Save. To change a profile from Salesforce Platform to Salesforce, you must delete and recreate.
  • A user has exactly one Profile at any time. To grant additional access, use Permission Sets — never duplicate-and-fork profiles for slight variations.
  • Modifying a Standard Profile is risky — it ships with assumptions Salesforce uses internally. Always clone a Standard Profile rather than edit it.
§ 06

How organizations use Profile

BrightEdge Solutions

Maintains a small set of role-based profiles with permission sets for additional access, keeping profile management simple.

NovaScale

Documents profile configurations clearly, making it easy to understand what each profile grants.

Cobalt Ventures

Audits profiles periodically as part of access governance to maintain least privilege.

§

Trust & references

Official documentation

Straight from the source - Salesforce's reference material on Profile.

Keep learning

Hands-on resources to go deeper on Profile.

Was this entry helpful?
Help us write better definitions. Quick reactions or detailed edit suggestions.
§

Test your knowledge

Q1. What is a Profile?

Q2. How many profiles can a user have?

Q3. What's a best practice?

§

Discussion

Loading…

Loading discussion…

Back to Dictionary