Mountains and a butterfly next to text that says, "How We're Addressing Challenges from the Record Access (Sharing) Roadmap."

An Inside Look at How We’re Addressing Challenges from the Record Access (Sharing) Roadmap

By

After diving into the record access (sharing) roadmap session during Dreamforce ‘22, and sharing more details in TrailblazerDX ’23, I want to provide highlights for those of you who weren’t able to able to attend in person.

As a product manager, I’m grateful for your feedback. Over the last several months, we’ve met with and heard from our #AwesomeAdmins during events, in meetings, on Twitter, on the Trailblazer Community, and on the IdeaExchange.

Except for the Generally Available (GA) features mentioned, everything in this blog post is forward-looking. I hope to see you in a community event or at Dreamforce ’23 with more to share! Come on a journey with us, giving us your feedback, and voting for the ideas you think we should work on. Let’s dive into a subset of the challenges in our roadmap session.

Challenge: Periodic account realignments—make them faster!

Your company has new employees, others are getting promoted or moving to new roles, and you’re doing a periodic account realignment. If your organization-wide default (OWD) is Private for Account, Contact, Opportunity, or Case, or you plan to make the OWD Private for one of these objects, review Faster Account Sharing Recalculation (15 minute video with more details or shorter knowledge article). We’re making multiple operations faster! In Spring ’23, you will need to submit a feature activation case with the sandbox orgID. In Summer ’23, there will be a release update, which will give you the option to enable it without contacting support. We plan on enabling this feature for all customers in an upcoming release, in a gradual manner, with sandboxes coming first, then production instances; get the benefits before we enable it for all customers.

Challenge: Hide sensitive field values

This is the only portion not focused on record access and sharing. You love dynamic forms, but need a security feature that protects field values accessed through list views, reports, and the API. Vote and comment on what will benefit you: criteria-based field-level security and restricting field visibility based on record owner rather than profiles. We started this journey with the ability to protect sensitive information on Employee, through employee field visibility rules, and then protected external users’ personally identifiable information (PII) with enhanced personal information management. There are more investments we need to make, from additional performance enhancements, to a way for admins to write rules to conditionally show (or hide) field values, to extending this to custom objects and finally to standard objects.

Challenge: Add more flexibility to rules

Restriction rules are great, but when will you add support for the other standard objects? Standard objects have special functionality, specific to their object, and require additional investment. Your feedback and voting is a key part of our product prioritization. Adding support for these standard objects is not currently being worked on at this time. If you’d like to see these objects supported, make sure to vote and make your voice heard! Here are links to some of the most requested standard objects: Account, Case, Contact, EmailMessage, Opportunity, Product2, Asset, and Lead. I’m hopeful we’ll add an IN operator, which would give you more flexibility.

For criteria-based sharing rules, we have no plans to support formula fields, as we don’t want your users to experience slower page loads. We may look into how we can provide you more flexibility, comparing field values on both the record and the user (for example, the ability to compare a field value on the record to the running user, such as [object].field = CurrentlyRunningUser.field). That said, we’ll make investments in restriction rules before we get to criteria-based sharing rules.

Challenge: Make the administrative experience better

At TrailblazerDX ‘23, we demoed seeing both object and record access within the Object Manager. We also showcased some demos on public groups. We’re starting the journey, evaluating the configuration experience for public groups, queues, and the sharing settings page. We also know we need to get better at providing you error messages that you can quickly action, such as Full description of “invalid cross reference id” error required.

Ideas, Trailblazer Community Group, and a Trailmix

Have feedback for us? Vote and comment on the ideas in this Quip, which covers most of the ideas discussed in our in-person roadmap session. You can also share feedback to our Record Access Trailblazer group. If you’re new to record access or want my recommendations on resources, see the Record Access trailmix.

Acknowledgments

Big thank you to the engineering teams who keep working on record access and sharing! Thank you to Anubha Dubey, for helping conduct the interviews on an improved admin experience, and to my manager, Cheryl Feldman, for her insights and partnership.

User management enhancements Winter '25

User Management Enhancements | Winter ’25 Be Release Ready

Winter ’25 is almost here! Learn more about user management and check out Be Release Ready to discover more resources to help you prepare for Winter ’25. We’re continuing to innovate in Setup starting with user access and user management. We have several exciting enhancements in store for Winter ’25–many thanks to your feedback and […]

READ MORE
Troubleshoot user access with SOQL

How to Troubleshoot User Access with SOQL (Beginner Friendly)

Awesome Admins, we know that troubleshooting user access is a common task. You’re frequently asked questions like “Why can Jane access this field, but John can’t?” or “Why can John view this record when he shouldn’t be able to?” In Summer ’24, we introduced helpful summary views for users, public groups, permission sets, and permission […]

READ MORE