Access to Reports in Salesforce

Report access is based on the folder that the report is in. The folder is shared with named users, roles, and/or groups. So, any users in a given group or role can see that report. When you add someone to a Report folder you can give View, Edit, or Manage permission.

However, even if a user has access to the folder where a report is stored, they cannot see data in the report if their license or profile does not grant them permission to read the underlying object (e.g., standard objects like AccountsClosed A business entity/company, Opportunities, or Custom Objects).

Here is a breakdown of how license and object access impact reports:

  1. License-Level Restrictions

    • Salesforce License (Full CRMClosed Customer relationship management): Users have access to standard objects (Accounts, Opportunities, Cases, etc.) and can see them in reports.

    • Salesforce Platform License: These users can access custom apps and custom objects, but cannot access standard CRM objects like Opportunities or Cases in reports.

    • External/Community Licenses: Object access is severely limited based on the specific license (e.g., Customer Community vs. Partner Community) and Sharing Sets.

  1. Object-Level Security (CRUD)

    Even with the right license, a user must have "Read" permission on the object (via Profiles or Permission Sets) to see that data in a report. If they lack this, they will see an "insufficient privileges" error.

  1. Record-Level Security (Sharing)

    Reports honor sharing rules (Owner-based, Criteria-based, Role Hierarchy). A user can only see records in a report that they already have access to in the system.