Loading
Manage Users and Data Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            External Organization-Wide Defaults Overview

            You are here:

            1. Salesforce Help
            2. Docs
            3. Manage Users and Data Access

            External Organization-Wide Defaults Overview

            External organization-wide defaults provide separate organization-wide defaults for internal and external authenticated users to help you better secure your data.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience
            Available in: Professional, Enterprise, Performance, Unlimited, and Developer Editions

            By setting configuring separate levels of default record access for your internal and external authenticated users, you have more control over data access. External-organization-wide defaults simplify your sharing rules configuration and improve recalculation performance. These settings also speed up performance for reports, list views, searches, and API queries.

            For example, you want all your internal users to have read access to all account records, but you want to limit access for external authenticated users to certain groups and records. To configure more restrictive access for external authenticated users, set the default internal access to Public Read Only and the default external access to Private. You can later open up record access for external users using other features.

            Note
            Note The external access level for an object can’t be more permissive than the internal access level.

            You can set external organization-wide defaults for these objects. Your org might have other objects whose external organization-wide defaults can be modified.

            • Account
            • Asset
            • Case
            • Campaign
            • Contact
            • Individual
            • Lead
            • Opportunity
            • Order
            • User
            • Custom Objects

            External organization-wide defaults aren’t available for some objects, but you can achieve the same behavior with sharing rules. Set the default access to Private and create a sharing rule to share records with all internal users.

            External authenticated users include:

            • Authenticated website users
            • Chatter external users (with access only to the User object)
            • Experience Cloud site users
            • Customer Portal users
            • Customer Community users
            • High-volume Experience Cloud site users
            • Partner users
            • Service Cloud Portal users
            Important
            Important Guest users aren't considered external users. Guest users’ org-wide defaults are set to Private for all objects, and this access level can’t be changed.

            Learn more about external org-wide default settings in this video.

            See Also

             
            Loading
            Salesforce Help | Article