Loading

CRM Analytics App visibility and 'View All Data' and 'Modify All Data' permissions

게시 일자: Jul 8, 2026
상세 설명

CRM Analytics apps have sharing behavior similar to core Report and Dashboard folder sharing, as documented here.

When users have been granted the "View All Data" or "Modify All Data" system permissions, they have access to apps that transcends the standard sharing functionality.

Note: "View All Data" and "Modify All Data" are potent permissions and should be granted sparingly and only to users who absolutely need that level of access. Details are available here.

솔루션

The behavior of CRM Analytics App visibility depends on whether a user holds standard permissions, View All Data, or Modify All Data. The following sections describe each scenario and provide examples.

Standard Permissions

When a user has the appropriate permission set license and the associated Use/Access permissions, they can view apps tied to the same license that they have been granted at least Viewer access to (directly by User, or indirectly by Role or Group).

Example: A user with the following configuration has access only to Sales Analytics templates and apps:

  • Permission Set License: "Sales Cloud Einstein"
  • Permissions: "Access Sales Cloud Analytics Templates and Apps" and "Use Analytics Templated Apps"

View All Data

If a user is granted "View All Data," they are able to see all apps tied to their assigned permission set license(s).

Continuing the example above: The user has visibility on all Sales Analytics generated apps, regardless of whether those apps have been explicitly shared with that user. The user can see the contents (datasets, lenses, dashboards) of those apps.

Modify All Data

If a user is granted "Modify All Data," they are able to see and edit all apps tied to their assigned permission set license(s).

Continuing the example above: The user has visibility and edit capabilities on all Sales Analytics generated apps, regardless of sharing settings. The user can see and edit the contents (datasets, lenses, dashboards) of those apps.

Security Predicate

It is important to note that the Security Predicate applies row-level security at a query level for datasets. The View All Data and Modify All Data permissions do not override the Security Predicate. Users with these permissions cannot view records that are restricted by the Security Predicate.

Continuing the example above: If the user's visibility is restricted by the Security Predicate on datasets, they only have visibility on related lenses and dashboards for the records permitted by the Security Predicate.

Important Caution: With "Modify All Data," the user is able to edit datasets to modify or remove the Security Predicate. Review your security configuration carefully before granting this permission. More details on implementing row-level security can be found here.

추가 자원

CRM Analytics App Sharing

Security Predicate Considerations

Row-Level Security Implementation Guide for CRM Analytics

View All Data and Modify All Data Permissions

Knowledge 기사 번호

000382181

 
로드 중
Salesforce Help | Article