Insufficient Privileges errors might be caused by your sharing settings, such as roles or sharing rules.
Available in: Salesforce Classic
Available in: All Editions
User Permissions Needed
To create or edit sharing rules:
To set up teams:
To manage territories:
To verify if your error is at record-level, follow these steps. Alternatively, you can also use the API to query a user’s access to a set of records or use the Sharing button on the record detail page.
If your organization uses roles, check the user’s role in relation to the record owner.
For example, users can delete records only if they are the record owner, higher in the role hierarchy than the record owner, or the administrator. Similarly, users always have read access to records whose owners are below them in the role hierarchy, unless Grant Access Using Hierarchies is deselected (custom objects only).
From Setup, enter Users in the Quick Find box, then select Users.
Verify the role of the user and that of the user whose record is being accessed.
For example, a user can’t delete or merge accounts owned by someone in an unrelated role hierarchy, even if the user has the appropriate permissions on the objects.
If the user should have gotten access via a sharing rule, review your sharing rules.
The user might have been unintentionally left out from a sharing rule.
From Setup, enter Sharing Settings in the Quick Find box, then select Sharing Settings.
Check the public group (or other categories such as roles or queues) that the user should belong to for that sharing rule.
Verify your sales teams.
If your organization uses teams for accounts, opportunities, or cases, you might have missed the user when setting up the teams. Review your teams to determine if the user should have gotten access through a team.
From Setup, enter the team that you want to check, such as Account Teams, in the Quick Find box, then select the team.
Add the user to the team, if appropriate.
Review your manual shares.
The user might have gained access via a manual share but lost this access because the record owner changed, causing the manual share to be automatically dropped. The manual share might have been removed using the Sharing button on the record detail page. Only the record owner, an administrator, or a user above the owner in the role hierarchy can create or remove a manual share on the record.
On the record detail page, click Sharing.
The Sharing Detail page shows the users, groups, roles, and territories that have access to the record.
If the user must gain access via a manual share, create a manual share by clicking Add.
Review your territories.
If your organization is using territories, the user might be missing from the territories or the record might not be under the correct territory where the user is a member. Otherwise, you must be a forecast manager, Forecast managers can manage territories is selected, and you are working below your position in the territory hierarchy.