Manage Access to Custom Processes and Apps (Generally Available)

When creating custom processes and apps, developers can now use custom permissions to control which features users can access at a granular level. Then, administrators can assign custom permissions in permission sets and profiles, making it easy to specify which users can access specific features.
Available in: Enterprise, Performance, Unlimited, Developer, and Database.com Editions

In Salesforce, many features require access checks that specify which users can access certain functions. Permission set and profiles settings include built-in access settings for many entities, such as objects, fields, tabs, and Salesforce pages. However, permission sets and profiles don’t include access for some custom processes and apps. For example, for a time-off manager app, all users might need to submit time-off requests, but only a smaller set of users need to approve time-off requests. You can use custom permissions for these types of controls.

Custom permissions let you define access checks that can be assigned to users via permission sets or profiles, similar to how you assign user permissions and other access settings. For example, you can define access checks in Apex that make a button on a Visualforce page available only if a user has the appropriate custom permission.

With the Winter ’15 release, custom permissions include the following enhancements.
  • You can specify required custom permissions for other custom permissions. A required custom permission is a custom permission that must be enabled when the parent custom permission is enabled.
    Note

    Note

    In existing Developer Edition organizations, the Required Custom Permissions related list in the Custom Permissions detail page will appear after October 17, 2014.

  • Custom permissions are available in unmanaged as well as managed packages.
  • Profile settings in packages now include custom permissions.

For more information, see “Custom Permissions” in the Salesforce Help.