Security Role

John Phillips

A security role defines how different users access different types of records. To control access to data, existing security roles can be modified, new ones can be created, or the roles assigned to a user can be changed.

Points to note:

  • Each user can have multiple security roles. The effect of these is cumulative, with the least restrictive setting being applied. For example, if one role allows a user to read Account records and another role allows the user to edit an Account, if the two roles are applied to a user, they will be able to edit Account records as that is the least restrictive option. This applying of multiple roles is useful for employees who may perform multiple functions as part of their job; rather than creating a special Security Role for one person, the individual Security Roles can be applied instead.
  • Each security role consists of record-level privileges and task-based privileges:
    Record-level privileges – define which tasks a user with access to the record can perform, such as Read, Create, Delete, Write, Assign, Share, Append, and Append To.
    (Append means to attach another record, such as an activity or note, to a record. Append to means to be attached to a record)
    Task-based privileges – grants a user privileges to perform specific tasks, such as publishing articles and exporting data.