Role-based access control

Role is a central concept in Platform security. Each user is assigned one role.

Platform provides four built-in system roles:

• Administrator: A user with full access to all objects and all customization features.
• Portal User: Assigned to authenticated users of external-facing portals.
• Portal Guest: Assigned to non-authenticated users of external-facing portals. Unlike portal users, portal guests cannot log into a portal. Portal guests can only access public portal pages.
• Server API: Used to run bulk jobs and delayed triggers, as there is no user context to run. This role has all administrator permissions

You can define your own roles, add them to applications, and publish them along with other application components such as objects. Publishing a role includes permissions assigned to that role.

The following topics describe how role-based access control works, how to create roles and assign users to them, and how to set permissions for roles.