Loading
Service Degradation: Knowledge Search and Agent ResponsesRead More
Manage Users and Data Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            “View All” and “Modify All” Permissions Overview

            You are here:

            1. Salesforce Help
            2. Docs
            3. Manage Users and Data Access

            “View All” and “Modify All” Permissions Overview

            The “View All” and “Modify All” permissions ignore sharing rules and settings, allowing administrators to grant access to records associated with a given object across the organization. “View All Records” and “Modify All Records” can be better alternatives to the “View All Data” and “Modify All Data” permissions.

            Required Editions

            Available in: Salesforce Classic and Lightning Experience
            Available in: All Editions

            Be aware of the following distinctions between the permission types.

            Permissions Used for Users who need them

            View All Records

            Modify All Records

            		 Viewing or modifying all records for a specific object. Users who manage records for specific objects
            View All Fields Viewing all fields and field data for a specific object. Users who require broad view access to fields for specific objects.

            View All Data

            Modify All Data

            Managing all data in an organization; for example, data cleansing, deduplication, mass deletion, mass transferring, and managing record approvals.

            Users with View All Data (or Modify All Data) permission can view (or modify) all apps and data, even if the apps and data aren’t shared with them but must still be assigned field permissions.

            Administrators of an entire organization who require widespread access.

            If a user requires access only to metadata for deployments, you can enable the Modify Metadata Through Metadata API Functions permission. This permission gives such users the access they need for deployments without providing access to org data. For details, see “Modify Metadata Through Metadata API Functions Permission” in Salesforce Help.
            View All Fields (Global)

            Viewing fields and field data for all objects. To see an object’s fields, the user must also have the required object permissions.

            		 Available only for the Platform Integration User.
            View All Users Viewing all users in the organization. Grants Read access to all users, so that you can see their user record details, see them in searches, list views, and so on. Users who need to see all users in the organization. Useful if the organization-wide default for the user object is Private. Administrators with the Manage Users permission are automatically granted the View All Users permission.
            View All Lookup Record Names Viewing record names in all lookup and system fields. Administrators and users who need to see all information about a record, such as its related records and the Owner, Created By, and Last Modified By fields. This permission only applies to lookup record names in list views and record detail pages.

            Considerations

            • View All Data, Modify All Data, and View All Records or Modify All Records for a given object don’t override field-level security. Users must still have field permissions or the View All Fields object permission to access each field on an object.
            • In profiles or permission sets, if you enable the View All Data or Modify All Data user permissions, or View All Records, Modify All Records, or View All Fields for a given object, required permissions are enabled automatically. If you disable any of the required permissions, the "View All" or "Modify All" permission is also disabled, but all of the other automatically enabled permissions remain enabled.
            • If you have a large number of objects, enabling or disabling the View All Data or Modify All Data permissions in a profile or permission set can time out. To avoid performance issues, we recommend that you use the Metadata API instead of making these updates in Setup.
            • View All Records and Modify All Records aren’t available for ideas, price books, article types, and products.
            • View All Records and Modify All Records allow for delegation of object permissions only. To delegate user administration and custom object administration duties, define delegated administrators.
            • View All Records for a given object doesn't automatically give access to its standard detail objects and vice versa. Users must have Read access granted via sharing to see any associated standard child records to the parent record, or the parent record itself. However, View All Records for a given object does give access to its child custom object records without access being granted via sharing.
            • View All Users is available if your organization has User Sharing, which controls user visibility in the organization.
            • View All Data, Modify All Data, and View All Records, Modify All Records, or View All Fields for a given object can't be assigned to external users.
            • View All Records is required to enable the Query All Files permission, which grants users the access to content files and objects. See Set Up Users to Query Salesforce Files

            See Also

             
            Loading
            Salesforce Help | Article