PermissionSetAssignment

Represents the association between a User and a PermissionSet. This object is available in API version 22.0 and later.

Supported Calls

create(), delete(), describeSObjects(), query(), retrieve()

Fields

Field Name Details
AssigneeId
Type
reference
Properties
Create, Filter, Group, Sort
Description
ID of the User to assign the permission set specified in PermissionSetId.
PermissionSetId
Type
reference
Properties
Create, Filter, Group, Sort
Description
ID of the PermissionSet to assign to the user specified in AssigneeId.

Usage

Finding Permission Set Assignments
Use the PermissionSetAssignment object to query permission set assignments to find out which permission sets are assigned to which users. Because each user may be assigned to many permission sets and each permission set may be assigned to many users, each PermissionSetAssignment ID represents the association of a single user and single permission set.
For example, to search for all of the permission sets assigned to a particular user:
SELECT Id, PermissionSetId
FROM PermissionSetAssignment
WHERE AssigneeId = '005600000017cKt'
To search for all users assigned to a particular permission set:
SELECT Id, AssigneeId
FROM PermissionSetAssignment
WHERE PermissionSetId = '0PS30000000000e'
You can also create a new permission set assignment, or use delete to remove a permission set that's assigned to a user. To update an assignment, delete an existing assignment and insert a new one.
User Licenses
When assigning a permission set, if the PermissionSet ​ has a UserLicenseId, its UserLicenseId and the Profile ​UserLicenseId must match. To determine a user's license assignment, query the user's profile and then query the profile's license.
For example, to find a user's profile ID:
SELECT Id, ProfileId
FROM User
WHERE Id = '005D0000001GMAT'
To find a permission set's UserLicenseId:
SELECT Id, LicenseId
FROM PermissionSet
WHERE Id = '0PS30000000000e'
If the IDs match, the assignment succeeds.
To find all the permission sets with no license that are assigned to any user:
SELECT Id, Assignee.Name, PermissionSet.Name
FROM PermissionSetAssignment
WHERE PermissionSet.LicenseId = null

See Also