Loading

API Error 'insufficient access rights on cross-reference id'

Дата публикации: Oct 22, 2024
Описание

The “Insufficient access rights on cross-reference ID” error indicates a permission issue in Salesforce. It happens when a user tries to use a Flow, save a record, or perform an action that depends on a connected record, but the user doesn’t have the required permissions to access that record.

This connected record is usually linked through a lookup field or a Master-Detail relationship. The user is attempting to use something (the connected record) they aren’t allowed to see.

To debug the API Error 'insufficient access rights on cross-reference id', here are some common scenarios when this error occurs.

Решение

There are six documented, specific examples of when this error can occur.  They are detailed below, with possible cause and suggestions to resolve. Please note that this error may also occur for new and undocumented causes.


Scenario: When creating a record and attempting to assign it to a new user in the same call.
Possible Cause: Create a record first, and in a separate call update the record with a new OwnerId.

 
Scenario: The record type Id is not a valid record type id for the object that is being manipulating.
Possible Cause: Correct the Record Type Id.
 
Scenario: Assign a record to a user who does not have profile access to the record type.
Possible Cause: Add profile access to the used record type.
 
Scenario: Assign a record to another user but assigning user's profile does not have access to the record type.
Possible Cause: Add Record Type to your user profile.

Scenario: Assign a record to a Partner Portal user and the user does not have access to Internal Salesforce.
Possible Cause: Add a NetworkScope column including the ID for the Community you are working with. 
 
Scenario: A lead submission invokes an auto-response e-mail notification, but the e-mail template used in the response is contained in a folder to which the user does not have access.
Possible Cause: Find which e-mail template is invoked in the auto-response rule; check the folder permissions for the folder that contains this e-mail template; ensure that the user making the API call has permissions to access this folder.
 
If none of the above scenarios apply to you, then consider any possibility whereby any record associated with your action, referenced directly in the API call or by any resulting trigger / workflow / auto response, must be accessible by the user making that API call.
Дополнительные ресурсы

Trailblazer Community - Insufficient access rights on cross-reference id issue 

Salesforce Stack Exchange - Insufficient access rights on cross-reference id: error

Номер статьи базы знаний

000385619

 
Загрузка
Salesforce Help | Article