Streamlining Salesforce User Management: A Shift to Permission Set-Based Access
Last Updated: October 11, 2024
Salesforce has recently announced a significant change to the data access and user permission management, bringing a new era of user management in Salesforce.
The company has reported the end-of-life (EOL) of permissions on profiles, which will take effect in the Spring ’26 release.
This article will explore the reasons behind this evolution, the future of profiles and permission sets, and provide you with information on what you can do now to prepare for the upcoming changes.
What exactly is happening and why?
If you’ve been staying up-to-date with the latest features for Salesforce admins, you might have noticed that Salesforce has been giving updates on the future of user management. For the last three years, Salesforce has been consistently talking about permission sets as the way forward for managing user access. The wait is over! Salesforce will be phasing out permissions on profiles, and these changes will be fully implemented in the Spring ’26 release.
Profiles will continue to exist, but the permissions that are currently assigned to profiles will be phased out and will only be available through permission sets.
The limitations introduced to profile-based permissions will have a positive impact on user management in Salesforce, making it much easier for administrators to manage user access, maintain data security, and ensure safety.
What will remain on a profile:
- One-to-one relationships — login hours/IP ranges
- Defaults — record types, apps
- Page layout assignment — the future is App Builder/Dynamic Forms so Salesforce will not invest in bringing page layout assignment to permission sets
What will only be available on permission sets:
- User permissions (system and app permissions)
- Object permissions (object Create, Read, Update, and Delete)
- Field permissions (field-level security)
- Tabs
- Record types (not defaults)
- Apps (not defaults)
- Connected app access
- Apex classes
- Visualforce pages
- Custom permissions
Salesforce Experience Cloud: The Tool for Digital Transformation in 2024
Important notes to keep in mind now!
- In order to migrate user profiles to permission sets and permission set groups, use the User Access Policies feature that is currently in Closed Beta (as of Spring ’23).This feature allows you to specify criteria about your users to help you migrate them efficiently. To participate in the Closed Beta fill out the form.
- Salesforce has a new feature in Open Beta that allows you to set Field Level Security (FLS) on permission sets instead of profiles. You can activate this feature in the user management settings. Salesforce is planning to make this feature Generally Available (GA) in Summer ’23.
- Spring ’24 release will provide you with the opportunity to turn off the ability to use permissions on profiles before the official EOL.
Why we recommend our customers to switch to permission sets
The main idea behind it is to ensure managing users in the Salesforce Experience Cloud easier for companies and their Salesforce admins.
Profiles in Experience Cloud sites
Each user in Experience Cloud is assigned a profile. Salesforce admins formerly had to modify profiles manually or with the use of Flows in order to provide the user the proper access to data, which required a lot of time and effort. With permission sets, internal user management in Salesforce will become much easier.
Product updates
We strongly recommend that our customers who use our custom Salesforce-native solutions on their Experience Cloud sites switch to using permission sets. Permission sets are a powerful tool that allow us to make feature updates and performance enhancements to our applications quickly and easily, without requiring any manual adjustments to access levels. Whenever we release a new version of our product, all updates are automatically applied to our customers’ orgs, including any necessary changes to permissions. This makes life easier for our customers, since they don’t need to worry about adjusting access by profiles or permission sets to specific objects or fields. By using permission sets, they can be sure that they always have the most up-to-date version of our software.
It’s time to stop the never-ending profile updates required for configuring access to your site and data. Switch to permission sets to easily manage community users and keep your site running smoothly, even when the products you’re using are updated.
Subscribe to our Newsletter
Receive regular updates on our latest blog posts, news, and exclusive content!
Looking for Assistance? Get a Helping Hand Here!
Change is in the air, taking user management in Salesforce to new heights. Don’t wait until the Spring ’26 release. Start your transition to permission sets right now!
To ensure the smoothest and most painless process, we recommend leaving this job to professionals. At Advanced Communities, we have a wealth of experience working with Salesforce and its products. Let us help you meet these changes fully armed and prepared for the new era of user management in Salesforce.
If you’re looking for robust solutions for your Experience Cloud, such as event management solution, comprehensive Salesforce knowledge management tool, or member management app for Salesforce Experience Cloud, we’re here to help.
Need assistance with Salesforce online communities implementation? Feel free to reach out at sales@advancedcommunities.com
FAQ
1. What are the Key Advantages of Using Permission Sets over Profiles for User Management in Salesforce?
Permission Sets offer more granular control over user access, allowing you to assign specific permissions to individual users or groups without affecting the entire profile. Besides, permission sets are more flexible than Profiles, as they can be easily modified and assigned to different users or groups without requiring changes to the underlying profile. Third, using Permission Sets can streamline user management processes by reducing the need to create and maintain multiple profiles.
2. How can I Effectively Migrate from a Profile-Based Access Approach to Permission Sets in My Salesforce Organization?
Begin by analyzing your existing profiles to identify the permissions assigned to each one. Create Permission Sets that correspond to the permissions assigned to your existing profiles. After that, assign the appropriate Permission Sets to users based on their roles and responsibilities. Thoroughly test your new Permission Set-based access model to ensure that users have the correct permissions to perform their tasks.
