Usually the email or phone call starts off something like this: “I clicked on this [insert link, Account, etc. here] and I’m getting this error ‘Insufficient Privileges’ – I know I should be able to see this and I need you to fix this NOW!”
You probably know the error all to well. A user- for some reason- can’t access what they think they should and Salesforce is giving them an error. This was a daily occurrence for me when I moved my organization from a completely read/ write organizational setting to a read only. At first, it was painful for some users. I guess they were like stallions who were used to roaming the open range- but then the evil Admin Mike put a fence around them. Truth be told, the fence was for their safety- to protect them from changing valuable data. But of course the user may not always see it that way. So here are my 5 tips for tackling this error.
1. Check to see if they really should have access.
Ok. Hang on to your pitchforks and “Mr. Obvious” statements for a second. But let me tell you first hand this is where you start. I love my users dearly. But they aren’t always right- I mean, they are in their heads- the problem is that isn’t always correct out in the world. So when you get that dreaded email ask what they were trying to view and double check with their manager that they should have access to see/ download it.
2. What’s the Profile say?
So the user was right- they do need access. Now where do we go? The Profile. Remember from your Salesforce Admin 201 course that the Profile controls all. I start by looking at the Profile to make sure they have access to the object that contains the information. This comes in handy when someone shares a report link with another user who may not have access to the object being reported on.
3. Check the FLS.
Field Level Security is another way to keep data security. But sometimes over-zealous Admins (eh hem… yours truly) will be a bit strict with it. The result can be a bit less than for the user. So check the Field Level Security to see if that User has a Profile where the field is accessible.
4. Share and share alike.
In most of my cases this has been the issue- A user shared a link to a record with another user but forgot to Share the Account, Contact, Lead, etc. So when the second user clicked on the link they got an Insufficient Privileges error. In my case, it was users (who shouldn’t have been editing Accounts) trying to edit Accounts. So in that case it was a good thing. But it also occurred when they needed to attach documents in the Notes & Attachments field. In that case, I set up a sharing rule and used Page Layouts to enforce data protection.
5. Check the folder access.
I see the Insufficient Privileges error come up quite a bit with users sharing reports via a URL. The problem can arise when the user who is getting the report shared to them doesn’t have access to the report because it’s in a folder they can’t access. Uh? Did you follow that? Let’s try that again. Let’s say Gavin has this awesome report (chart included) and wants to send it a colleague- we will call her Claire. But Gavin forgot that he saved a report to a folder that Claire doesn’t have access to. So when Claire clicks on the link- guess what happens? Yup. Insufficient Privileges error.
Resources to help you resolve the error
Salesforce Help and Training has a wealth of articles that can assist you in understanding and resolving this error:
- Resolving Insufficient Privileges Errors
- Resolve object-level access errors by reviewing the user profiles and permission sets.
- Resolve record-level access errors by reviewing the sharing settings, such as organization-wide defaults and sharing rules.
- Resolve process-level errors by reviewing validation rules and Apex triggers.
The key to dealing with this error is to think your way through it and don’t let the craziness of the user throw off your thorough process. Remember, as a Salesforce Admin you think and see things differently than they do. They see a website that is shutting them down, you see an opportunity to shine and show your skills – at least I do. Be sure to investigate all of your settings, this could be a learning moment for you and a real chance to show off your professionalism.
Alright, that’s how I deal with that pesky error. How do you tackle it?