Overview of the Data Access Explorer
You can use the access explorer functionality in the Sales and Service Access Management work area to quickly troubleshoot data access issues reported by your users. These are some examples of the typical access issues you might have to investigate:
-
You create a custom sales representative role that removes access to all accounts but users assigned the custom role still have all account access. Which data access conditions or access group rules are providing the access?
-
A sales manager can't see opportunities assigned to her reports. Which data access condition or access group rule must she be assigned to get access?
To identify the cause of a user access issue, you must be able to see all the access a user currently has to object data, whether from data security policies or access group rules, and all the policies or rules that provide access to the relevant object or record. You can view both types of information on the Explore UI. You can:
-
Review all the access policies granted to a user for an object, and all the roles that provide the access.
-
Review all the access group rules granted to a user for an object, and all the access groups that provide the access.
-
Discover which data security policies and rules are affecting a user's ability to view a specific object record.
With this information, you can identify why a user can or can't view a specific record or records, and then grant or revoke the appropriate data access.