About Permission Sets
CPQ has a standard set of permissions that contain the access rights to fields and objects available in CPQ. These permission sets define whether the User can read, create, edit, and delete the records of an object and its fields. These permissions and the impact they have on the User are described below:
Permission | Description |
|---|---|
Read | Allows the User to view the existing records created for the object. |
Create | Allows the User to create a record for the object. |
Edit | Allows the User to edit the existing record of the object. |
Delete | Allows the User to delete a record of the object. |
View All | Allows the User to read and create records for an object. |
Modify All | Allows the User to edit and delete records for an object. |
Permission Sets | Usage |
|---|---|
Apttus CPQ Admin | This permission set must be assigned to system administrators. |
Apttus CPQ User | This permission set can be assigned to any user who is not a system administrator. |
Full Access (Existing Functionality)
Users with this permission set can view, edit, and delete all data within CPQ Admin.
Read + Delete Access
Users can view and delete data but cannot edit existing information. Edit-related actions are disabled.
Restricted Read Access
Users without read access to certain objects cannot view related pages inside CPQ Admin.
Impacted areas:
Product Data: Product details are removed, the landing page is blank, and the View Product dropdown is hidden.
Pricing Data: Pricing details removed, the pricing tab disabled, and pricing dropdowns are hidden.
Modification Restrictions: Users cannot modify pricing information anywhere in CPQ Admin. This update ensures that only authorized users can manage critical CPQ data while maintaining visibility where needed.
Read-Only Access:
Users can view CPQ Admin data but cannot edit or delete any information.
Edit and delete actions (buttons, fields) are disabled.
Viewing the Permission Sets
You can find the standard CPQ permission sets by following the steps below. If you are using permission sets that are not standard to CPQ, you must update permissions for new fields manually based on Conga CPQ Admin and Conga CPQ User permission sets.
You use Salesforce CPQ Admin to manage master data within Salesforce while running CPQ processes on the platform. Since different user personas interact with CPQ Admin pages,particularly Angular-based pages—you need stricter control over who can view or modify critical configuration data. Angular pages currently do not support permission-based access restrictions, which poses a security concern. To address this, use permission sets to control access at the object and field level within CPQ Admin.
| Action | Description |
|---|---|
| Price Rule Set Creation | Create and Edit access on Price Rule Set, Price Rule, and Price Rule Entry are mandatory to create a Price Rule Set. |
| Price Matrix Read Access from Price List Item Navigation | When navigating to Price List Item via Manage Price List, Read access to Price Matrix is required. |
| Charge Type Criteria Updates | To provide or update Charge Type Criteria, access to Price Matrix is mandatory. |
| Price List Creation | Create and Edit access on Price List is required to create a new Price List. |
| Price Rule Set Page – Charge Type Field Dependency | If the Charge Type field is present on the Price Rule Set detail page, Read access to Price List Item is required to successfully create the Price Rule Set. |
- Go to .
- Click Conga CPQ Admin or Conga CPQ User.
- Click Object Settings which contains a list of all the objects with their permissions.
- Click the object names to view the fields of the objects and their permissions.
