Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Control Authorization with Custom Profiles and Roles

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Control Authorization with Custom Profiles and Roles

            In identity and access management, it's important to control who is authorized to access resources. You can manage authorization by assigning your users profiles and roles. Profiles define how users access data and what they can do in Salesforce. Roles allow you to create a user hierarchy so that users can access data owned or shared by subordinates.

            Salesforce provides standard profiles with pre-configured permissions and settings that define authorization. For more fine-grained control, you can clone a standard profile and edit its permissions. To modify a standard profile and assign it to a user, take these steps.

            1. From Setup, in the Quick Find box, enter Profiles, then select Profiles.
            2. Next to External Identity User, click Clone.
            3. Enter a name for the profile and save.
            4. To customize the profile, click Edit. You can modify the permissions associated with the profile.
              1. Click Edit.
              2. Search for API Enabled, and then select the checkbox next to this permission.
                API Enabled gives users API access to your org’s data through any back-end mechanism.
              3. Click Save.
            5. Create a role structure.
              Sites require a user role hierarchy to help control how users share Salesforce data. Assign a role to the user who manages your site.
              1. From Setup, enter Role in the Quick Find box, then select Roles.
              2. From the dropdown list, select Product-based Sample, then select Set Up Roles.
              3. Under CEO, click Add Role.
              4. For the role label, enter Customer Manager.
              5. Click Save.
            6. Add the Customer Manager role to the user site manager so that the manager can modify the Customer profile.
              Note
              Note The person who manages the site for your company must have a role. However, you can’t assign roles to users who have the External Identity license, which enables access to the Salesforce Customer Identity product.
              1. From Setup, enter Users in the Quick Find box, then select Users.
              2. Next to your username, click Edit.
              3. Under Role, select Customer Manager.
              4. Click Save.

            You’ve now learned the basics of authorizing users. For more information about configuring authorization, check out the Data Security Trailhead module. For more information about creating users and securing access, see the User Management Trailhead module.

             
            Loading
            Salesforce Help | Article