Field Level Security

Field Level Security is a Salesforce security feature that controls a user’s ability to view and edit specific fields within an object. While users may have access to an object and its records, Field Level Security determines whether they can see certain fields or modify their values.

Organizations often store sensitive information such as salaries, commission amounts, student fees, financial records, customer credit information, and confidential business data. Not every user should have access to this information. Field Level Security provides a powerful mechanism for protecting sensitive data while allowing users to perform their daily responsibilities.

Understanding Field Level Security is essential for Salesforce Administrators because it is one of the most important components of Salesforce Security and User Management.

What is Field Level Security?

Field Level Security (FLS) is a Salesforce feature that controls field visibility and edit permissions for users.

Field Level Security determines:

• Which fields users can view
• Which fields users can edit
• Which fields remain hidden
• Which fields are read-only

FLS provides more granular control than object-level security.

Why Field Level Security is Important?

Organizations manage sensitive information.

Examples:

• Employee Salaries
• Student Scholarships
• Customer Credit Limits
• Financial Transactions
• Medical Information
• Internal Business Metrics

Without Field Level Security:

• Sensitive data may be exposed.
• Compliance requirements may be violated.
• Security risks increase.

Field Level Security helps protect confidential information.

Field Level Security in the Salesforce Security Model

Salesforce security operates in layers.

Organization-Level Security

Controls login access.

Object-Level Security

Controls object permissions.

Field Level Security

Controls field access.

Record-Level Security

Controls record visibility.

Field Level Security sits between object access and record access.

How Field Level Security Works

Example:

Object:

Employee

Fields:

• Employee Name
• Department
• Salary

User Access:

HR Manager

Can View:

• Employee Name
• Department
• Salary

Sales Representative

Can View:

• Employee Name
• Department

Cannot View:

• Salary

This demonstrates how FLS protects sensitive information.

Key Components of Field Level Security

Field Level Security provides two primary controls.

Visible

Determines whether a user can see the field.

Read-Only

Determines whether a user can edit the field.

These settings create flexible access control options.

Field Visibility

Visible Field

Users can see the field.

Example:

Customer Email

Displayed on record pages and reports.

Hidden Field

Users cannot see the field.

Example:

Customer Credit Score

The field is completely hidden.

This enhances data security.

Read-Only Fields

What is Read-Only Access?

Users can view the field but cannot modify it.

Example:

Student Registration Number

Users may see:

REG-10001

But cannot edit it.

Benefits:

• Prevents accidental changes
• Protects system-generated values
• Maintains data integrity

Read-only access is commonly used for important business fields.

Field Level Security and Profiles

Profiles are commonly used to configure Field Level Security.

Example:

Finance Profile

Can view:

• Payment Amount
• Invoice Value

Trainer Profile

Cannot view:

• Payment Amount
• Invoice Value

Profiles define baseline field access.

Field Level Security and Permission Sets

Permission Sets can extend field access.

Example:

Profile:

Salary Field = Hidden

Permission Set:

Salary Field = Visible

Result:

Selected users gain access.

This provides flexibility without changing Profiles.

Configuring Field Level Security

Method 1: Through Object Manager

Step 1

Navigate to:

Setup

Step 2

Open:

Object Manager

Step 3

Select Object.

Example:

Student

Step 4

Select:

Fields & Relationships

Step 5

Choose Field.

Step 6

Click:

Set Field-Level Security

Step 7

Configure visibility settings.

Step 8

Save.

The changes apply immediately.

Configuring FLS Through Profiles

Step 1

Navigate to:

Setup → Profiles

Step 2

Open Profile.

Step 3

Select Object Settings.

Step 4

Open Field Permissions.

Step 5

Configure:

• Visible
• Read Only

Step 6

Save.

This method is frequently used by administrators.

Configuring FLS Through Permission Sets

Step 1

Open Permission Set.

Step 2

Select Object Settings.

Step 3

Choose Object.

Step 4

Configure Field Permissions.

Step 5

Save.

Users assigned the Permission Set receive the additional access.

Field Level Security for Standard Objects

Examples:

Account

Contact

Lead

Opportunity

Case

Field Level Security can be applied to fields within all these objects.

Field Level Security for Custom Objects

Examples:

Student__c

Course__c

Payment__c

Enrollment__c

Custom object fields can be secured independently.

This provides extensive flexibility.

Example: Student Management System

Object:

Student__c

Fields:

• Name
• Email
• Scholarship Amount

Permissions:

Counselor

Can View:

• Name
• Email

Cannot View:

• Scholarship Amount

Finance Manager

Can View:

• Name
• Email
• Scholarship Amount

Field Level Security protects financial information.

Field Level Security and Reports

FLS affects report visibility.

Example:

Salary Field:

Hidden

Result:

Users cannot:

• Add field to reports
• View field in reports
• Export field values

This ensures security across reporting features.

Field Level Security and Search

Hidden fields are excluded from:

Search Results

Global Search

Lookup Searches

Related Lists

This prevents accidental exposure.

Field Level Security and APIs

Field Level Security applies to:

REST API

SOAP API

Bulk API

Integrations

If a user cannot access a field in Salesforce, they generally cannot access it through APIs.

This strengthens security.

Field Level Security and Page Layouts

Many beginners confuse these features.

Page Layout

Controls display.

Field Level Security

Controls security.

Example:

Field removed from page layout:

Users may still access it through reports.

Field hidden using FLS:

Users cannot access it anywhere.

FLS provides true security.

Field Level Security vs Page Layouts

Field Level Security should always be used for sensitive information.

Field Level Security vs Object Permissions

Both are necessary components of Salesforce security.

Common Business Use Cases

Human Resources

Protect salary information.

Finance

Restrict payment data.

Healthcare

Protect patient records.

Education

Restrict scholarship information.

Sales

Protect commission data.

Field Level Security supports numerous business scenarios.

Best Practices for Field Level Security

Follow Least Privilege Principle

Grant minimum required access.

Protect Sensitive Fields

Apply strict controls.

Use Permission Sets

Avoid excessive profile customization.

Audit Access Regularly

Review field permissions periodically.

Document Security Policies

Support compliance efforts.

Test User Access

Verify permissions before deployment.

These practices improve security and governance.

Common Challenges

Excessive Permissions

Users gain unnecessary access.

Poor Documentation

Difficult to manage permissions.

Compliance Requirements

Require strict controls.

Complex Permission Structures

Large organizations require careful planning.

Regular audits help address these challenges.

Real-World Example

A software training company uses Salesforce.

Object:

Student__c

Fields:

• Name
• Course
• Scholarship Amount

Access:

Counselor

Can view Name and Course.

Finance Manager

Can view Scholarship Amount.

Result:

Sensitive financial information remains protected while users perform their responsibilities.

This demonstrates the value of Field Level Security.

Why Field Level Security Matters for Salesforce Professionals

Understanding Field Level Security helps professionals:

• Protect sensitive information
• Improve compliance
• Strengthen Salesforce security
• Manage user access effectively
• Prepare for Salesforce certifications

Field Level Security is a critical Salesforce administration skill.

Summary

Field Level Security is a Salesforce security feature that controls visibility and edit access for individual fields. By allowing administrators to define which users can view or modify specific fields, Field Level Security protects sensitive information, supports compliance requirements, and strengthens overall Salesforce security. It works alongside Profiles, Permission Sets, Object Permissions, and Record-Level Security to provide comprehensive access control.

Frequently Asked Questions (FAQs)

What is Field Level Security in Salesforce?

Field Level Security controls whether users can view or edit specific fields within Salesforce objects.

Why is Field Level Security important?

It protects sensitive information and ensures users only access data relevant to their responsibilities.

Does Field Level Security affect reports?

Yes. Hidden fields cannot be viewed in reports.

Can Permission Sets grant field access?

Yes. Permission Sets can provide additional field permissions.

What is the difference between Field Level Security and Page Layouts?

Field Level Security provides actual security, while Page Layouts only control display.

Does Field Level Security apply to APIs?

Yes. Field permissions are generally enforced across Salesforce APIs.

Internal Resources

Looking to learn more technologies and programming skills?

Click here for more free courses.