About Permission Sets
CPQ has a standard set of permissions that contain the access rights to fields and objects available in CPQ. These permission sets define whether the User can read, create, edit, and delete the records of an object and its fields. These permissions and the impact they have on the User are described below:
Permission | Description |
|---|---|
Read | Allows the User to view the existing records created for the object. |
Create | Allows the User to create a record for the object. |
Edit | Allows the User to edit the existing record of the object. |
Delete | Allows the User to delete a record of the object. |
View All | Allows the User to read and create records for an object. |
Modify All | Allows the User to edit and delete records for an object. |
The following table lists the standard permission sets available in CPQ and their usage.
Permission Sets | Usage |
|---|---|
Apttus CPQ Admin | This permission set must be assigned to system administrators. |
Apttus CPQ User | This permission set can be assigned to any user who is not a system administrator. |
There are different sets of permissions for an administrative role and a regular user role. You must assign the permission sets to the Users accordingly.
To improve data security and access control within Salesforce CPQ Admin, new permission settings are introduced more granular permission settings in this release. This update ensures that different user roles can access only the necessary data to protect sensitive information on Angular pages that do not support standard permission set restrictions.
Following are the enhanced permission levels:
Full Access (Existing Functionality)
Users with this permission set can view, edit, and delete all data within CPQ Admin.
Read + Delete Access
Users can view and delete data but cannot edit existing information. Edit-related actions are disabled.
Restricted Read Access
Users without read access to certain objects cannot view related pages inside CPQ Admin.
Impacted areas:
Product Data: Product details are removed, the landing page is blank, and the View Product dropdown is hidden.
Pricing Data: Pricing details removed, the pricing tab disabled, and pricing dropdowns are hidden.
Modification Restrictions: Users cannot modify pricing information anywhere in CPQ Admin. This update ensures that only authorized users can manage critical CPQ data while maintaining visibility where needed.
Read-Only Access:
Users can view CPQ Admin data but cannot edit or delete any information.
Edit and delete actions (buttons, fields) are disabled.
Viewing the Permission Sets
You can find the standard CPQ permission sets by following the steps below.
If you are using permission sets that are not standard to CPQ, you must update permissions for new fields manually based on Apttus CPQ Admin and Apttus CPQ User permission sets.
- Go to .
- Click Apttus CPQ Admin or Apttus CPQ User.
- Click Object Settings which contains a list of all the objects with their permissions.
- Click the object names to view the fields of the objects and their permissions.
