User Permission
Definition
A User Permission in Salesforce is a single named capability that grants a user the right to perform a specific action: View All Data, Modify All Data, Manage Users, Run Reports, Customize Application, Send Email, Edit Read-Only Fields, and roughly two hundred others. Each permission is a boolean flag the platform checks when a user tries to perform the action; if the flag is true on any profile or permission set the user is assigned, the action is allowed.
User Permissions are the building blocks of the Salesforce security model alongside Object Permissions (CRUD on objects), Field-Level Security (read or edit on fields), and Sharing (record-level access). A user's complete authority is the union of every permission on their Profile plus every Permission Set assigned to them. The administrator's role is to grant exactly the user permissions each user needs for their job and not a single one more, an exercise in least-privilege design that becomes harder as the org and the user permission catalog both grow.
How User Permissions compose with Profiles, Permission Sets, and the other layers of Salesforce security
The permission catalog
Salesforce ships with approximately 200 named user permissions, each granting one specific capability. Categories include data access (View All Data, Modify All Data, View All Users), administrative (Customize Application, Manage Users, Manage Sharing), reporting (Run Reports, Manage Reports in Public Folders, Export Reports), and feature-specific (Edit Encrypted Data, Manage Connected Apps, Manage Sandboxes). Each release adds a handful of new ones tied to new features. The full catalog is documented in the Permission Reference and surfaced in the Profile and Permission Set UI.
Profile vs Permission Set
Profiles set the user's baseline permissions; Permission Sets add additional permissions on top. A user has exactly one Profile and any number of Permission Sets. Permission Sets are additive: a permission granted in a Permission Set is granted even if the Profile denies it (with the exception of certain admin permissions). This is the "Profiles for baseline, Permission Sets for elevation" pattern Salesforce recommends, and it is the right shape for least-privilege design because elevations are reviewable per-user rather than buried in a shared Profile.
View All Data and Modify All Data
The two highest-impact user permissions are View All Data (read every record regardless of sharing) and Modify All Data (read and write every record regardless of sharing). These permissions bypass the sharing model entirely; a user with Modify All Data can change any field on any record in the org. They are typically granted only to system administrators and integration users. The audit trail captures every action a Modify All Data user takes, but the permission itself is the equivalent of root access in a Unix system and should be granted sparingly.
Permission Set Groups
Permission Set Groups bundle multiple Permission Sets into a single assignable unit. A Sales Manager group might bundle the Run Reports permission set, the Forecast Manager permission set, and the Approve Discount permission set. Users assigned the group get every permission in every included set. Groups simplify mass assignment when a new manager joins; you assign one group rather than three individual permission sets.
Login IP Ranges and Session-Level Restrictions
Some permissions are gated by session-level controls. Manage Sharing, for example, can require a Login IP Range or a re-authenticated session. These controls are configured on the Profile (or via Session Settings) and provide a second check beyond the permission flag itself. A user might hold the Manage Sharing permission but be unable to use it when logging in from an unrecognized IP. This pattern is essential for high-privilege permissions in regulated industries.
Auditing permissions
Salesforce surfaces three audit views for user permissions. The Permission Set Overview lists every permission in a single set. The User Detail Page Permission Set list shows every set assigned to a user. The Setup Audit Trail logs every permission grant or revoke with who made the change. For deeper analysis, the Tooling API exposes UserPermissionAccess records that let an admin query "every user with Modify All Data" or "every permission held by user X". The query catalog is what enables continuous least-privilege audits.
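A sketch of the "every user with Modify All Data" review described above, as an added example rather than code from Salesforce or this page's author. It works on rows from a SOQL query against PermissionSetAssignment instead of the UserPermissionAccess object named in the text; the field names in the comment, the usernames and the row layout are assumptions, and the sample rows are constructed.

```python
# Added example: least-privilege review of the two sharing-bypass permissions.
# Rows are shaped like a flattened result of this SOQL (field names are assumptions):
#   SELECT Assignee.Username, PermissionSet.Name, PermissionSet.IsOwnedByProfile,
#          PermissionSet.PermissionsViewAllData, PermissionSet.PermissionsModifyAllData
#   FROM PermissionSetAssignment WHERE Assignee.IsActive = true
HIGH_IMPACT = ("PermissionsViewAllData", "PermissionsModifyAllData")

# Constructed sample rows; "profile" mirrors PermissionSet.IsOwnedByProfile.
SAMPLE_ROWS = [
    {"user": "admin@example.test", "source": "System Administrator", "profile": True,
     "PermissionsViewAllData": True, "PermissionsModifyAllData": True},
    {"user": "rep@example.test", "source": "Standard User", "profile": True,
     "PermissionsViewAllData": False, "PermissionsModifyAllData": False},
    {"user": "rep@example.test", "source": "Data_Fix_Temp", "profile": False,
     "PermissionsViewAllData": True, "PermissionsModifyAllData": True},
    {"user": "analyst@example.test", "source": "Analyst Profile", "profile": True,
     "PermissionsViewAllData": True, "PermissionsModifyAllData": False},
]

def effective_grants(rows):
    """Union semantics: a user holds a permission if ANY Profile or Permission Set
    grants it. Returns {user: {permission: [(kind, source name), ...]}}."""
    grants = {}
    for row in rows:
        kind = "Profile" if row["profile"] else "Permission Set"
        for perm in HIGH_IMPACT:
            if row[perm]:
                grants.setdefault(row["user"], {}).setdefault(perm, []).append(
                    (kind, row["source"]))
    return grants

def audit(rows, approved):
    """List high-impact grants held by users outside the approved set, with the fix."""
    findings = []
    for user, perms in sorted(effective_grants(rows).items()):
        if user in approved:
            continue
        for perm, sources in sorted(perms.items()):
            for kind, name in sources:
                fix = ("edit the Profile (affects every user on it)" if kind == "Profile"
                       else "remove the Permission Set assignment")
                findings.append((user, perm, kind, name, fix))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_ROWS, approved={"admin@example.test"}):
        print(*finding, sep=" | ")
```

Recording the granting source for each finding matters because the remediation differs: a Permission Set grant is removed for one user, while a Profile grant can only be removed for everyone on that Profile.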
Deprecated permissions and modernization
Some user permissions have been retired in newer Salesforce releases as features evolved. Author Apex is now broken into more granular permissions; certain View permissions have been replaced by Permission Set Licenses tied to add-on products. Customers maintaining long-lived orgs should periodically review their permission graph for retired permissions that are still being assigned (no-ops at best, audit findings at worst). The Permission Reference flags retired entries.
Grant a user permission through a Permission Set
Add a specific Salesforce capability to one or more users through a Permission Set rather than editing their shared Profile.
- Identify the permission
Open the Permission Reference (Salesforce Help) and look up the exact permission name needed. Confirm the API name and the category.
- Create or open the Permission Set
Setup, Permission Sets. Create a new set named for the capability (Run Reports In Public Folders) or open an existing relevant set.
- Enable the permission
Open System Permissions inside the Permission Set. Check the box next to the target permission. Save.
- Assign to users
On the Permission Set detail, click Manage Assignments, Add Assignments. Select the users. Save.
- Verify
Log in as one assigned user (or impersonate via Login As). Confirm the capability is now available; the action that was previously blocked now works.
- Audit
Document the assignment in your access-review log. The Setup Audit Trail captures the change; your access-review process records why.
- Profile: Baseline grant on the user's single Profile. Hard to change without affecting other users on the same Profile.
- Permission Set: Additive grant assignable to individual users. The preferred mechanism for elevation.
- Permission Set Group: Bundled set of Permission Sets assignable as a single unit.
- Login IP Ranges and session-level restrictions: Gate a permission behind IP range or re-authentication requirements.
- Profile changes affect every user on that Profile. Editing the shared Profile to grant one user a new capability gives every other user on it the same capability.
- View All Data and Modify All Data bypass the sharing model. Grant them only to system administrators and audited integration users.
- Permission Sets can grant permissions Profiles deny, but cannot revoke them. To revoke a permission, edit the Profile.
- Some user permissions require a Permission Set License. Granting the permission without the license has no effect; check the License Required column in the catalog.
Trust & references
Cross-checked against the following references.
- Permission Sets (Salesforce Help)
- Profiles (Salesforce Help)
- Permissions Reference (Salesforce Help)
Straight from the source - Salesforce's reference material on User Permission.
- User Permissions Reference (Salesforce Help)
- Permission Set Groups (Salesforce Help)
- UserPermissionAccess Object (Salesforce Developer Docs)
About the Author
Dipojjal Chakrabarti is a B2C Solution Architect with 29 Salesforce certifications and over 13 years in the Salesforce ecosystem. He runs salesforcedictionary.com to help admins, developers, architects, and cert/interview candidates sharpen their fundamentals. More about Dipojjal.
Test your knowledge
Q1. What is a User Permission?
Q2. How are they granted?
Q3. What's a security best practice?