Defining field level security rules

Use field level security to restrict access to specific fields within an object.

Before you begin

You must enable System Administration Mode before you can define field level security.

Procedure

  1. Click Administration > Security Rules.
  2. Click the name of the object type for which you want to define a security rule.
  3. Click Add adjacent to Field Level Security Rules.
  4. Add a name and description for the security rule.
  5. Add the formula for the security rule.

    You can type the formula or use the Path, Field, and Terms to define parts of the formula. You can also use a combination of both. For more information, see Grammar for security rules.

    1. To reference another object, either a parent or child, complete the following actions.
      For more information, see Paths for parent and child objects.
      1. Click Path.
      2. In the Parent or Child field, specify whether the path follows parent objects or child objects.
      3. Select the object type that is the starting point for the path.
      4. Select the object type that is the ending point for the path.
      5. Click Search to view the possible paths.
      6. Select one or more paths. If you select more than one path, use the Combine Paths field to specify how to use the multiple paths. Select Any Path if you want to use any of the paths or select All Paths if you want all paths to be used for the rule to be applied.
      7. Click Insert.
    2. To define a field condition, complete the following actions.
      For more information, see Terms for data types.
      1. Click Field.
      2. Select an object type.
      3. Select the field that you want to use.
      4. Select an operator. The list of operators changes depending on the field data type.
      5. Enter the value of the field condition.
      6. Click Insert to add the field condition into the rule formula.

      If you type the field condition, ensure that you use system names. If you do not specify an object type, the rule uses the object type for the object to which the rule applies. If you specify an object type, the object type must be either the subject of the rule or be specified in a path expression that contains the field reference.

      Optionally, you can use square brackets to ensure that when elements of field references contain spaces or other special characters, these field references are parsed.

    3. To add operators or keywords, use the Terms menu.
  6. Click Choose Fields, and select the fields on which to apply the security rule, then click Apply.
  7. For each field, specify the access controls.
    Read Only
    Users can read the field values, but not update them.
    Read and Update
    Users can read and update the field values.
  8. Click Save.