Both Restriction Rules and Scoping Rules are used to control record visibility, but they serve different purposes.
1. Restriction Rules (Limit Record Access)
🔹 Purpose: Restrict
the records a user can access beyond the existing org-wide defaults
(OWD), sharing rules, or role hierarchy.
🔹 Effect:
- Prevents
users from viewing, searching, or reporting on certain
records.
- Works
in List Views, Lookups, Reports, and Searches.
- Only
allows users to see records that match the restriction rule conditions.
🔹 Key
Characteristics:
Works on Standard & Custom Objects
(e.g., Cases, Contracts, Opportunities, Custom Objects).
Applied on
top of existing sharing rules to further restrict access.
Controlled using User
Criteria (Profile, Role, or Permission Set) + Record Field Conditions.
🔹 Example Use
Case:
A support agent should only see Cases assigned to their
region, even if the role hierarchy would otherwise allow them
to see all cases.
2. Scoping Rules (Improve Data Filtering)
🔹 Purpose: Filter
records a user sees by default in Lookups and
List Views without restricting access.
🔹 Effect:
- Users can
still search and access all records they have permission to see.
- Helps
users focus on relevant records without removing access.
🔹 Key
Characteristics:
Only affects default filtering,
not actual permissions.
Users can manually remove the filter to see all accessible
records.
Does not apply
to Reports, Global Search, or SOQL queries.
Set using User Criteria (Profile, Role, Permission Set) + Record Field
Conditions.
🔹 Example Use
Case:
A sales rep should see only open Opportunities in their
region by default, but they can still search for all opportunities
they have access to.
Key Differences
|
Feature |
Restriction Rules 🔒 |
Scoping Rules 🔍 |
|
Purpose |
Limits access to records |
Improves record filtering |
|
Effect |
Hides records completely |
Sets default filters (users can remove) |
|
Applies To |
List Views, Lookups, Reports, Searches |
List Views, Lookups |
|
Impact on Access |
Users cannot access restricted records |
Users can remove filter to see all records they have
access to |
|
Use Case |
Hide sensitive customer cases from unauthorized users |
Show only open deals by default for sales reps |
When to Use Which?
✔ Use Restriction Rules when
you need to enforce security and ensure that users cannot
access certain records at all.
✔ Use
Scoping Rules when you want to filter records for a better
user experience but still allow full access when needed.
