The Permission Check tool is a utility available in the Axsy Config Tool that flags objects that are inaccessible for a configured user by checking object access granted via permission sets. 


More information on the Permission Check tool, and how it is configured can be found in the following article: Permission Check.


Some objects in Salesforce (such as CaseParticipant) cannot have their access granted via permission sets. As a result, they may appear incorrectly as inaccessible for users in the Permission Check tool. To correctly mark these objects as accessible, you can configure implicit object access by providing the Permission Check tool with an additional list of permitted objects via a JSON file. This configuration can be applied at the org, profile, or user level.


When to Use This Procedure

  • The Permission Check tool highlights objects in red that the configured user has access to.
  • The highlighted objects cannot have their access granted through permission sets.
  • Examples include CaseParticipant, or AccountContactRelation.


Step 1 - Identify the Objects

Determine which objects need to be added. These are objects that have been flagged as inaccessible by the Permission Check tool, and where access cannot be granted via permission sets.


Note: As the Permission Check tool cannot verify that the configured user has access to these objects, you should verify that these objects are accessible.


Step 2 - Create a JSON File

Create a new JSON file that contains the list of objects that the configured user has access to. The JSON file needs to be configured with a top-level permittedObjects prop that contains an array of strings; each containing the API name of the permitted object. See Figure 1 for an example JSON file.


Figure 1 - Example Permitted Objects JSON File


Step 3 - Upload the JSON File to Salesforce

  1. Go to Files in Salesforce.
  2. Upload your JSON file.
  3. After uploading, open the file's detail page by clicking View File Details, and note the 18-digit ContentDocument ID in the URL.


Step 4 - Update Axsy App Config Custom Settings

  1. In Salesforce Setup, navigate to Setup > Custom Code > Custom Settings.
  2. Locate Axsy App Config Settings and click Manage.
  3. Create or edit a setting record at the correct scope:
    • Org - Applies to all users.
    • Profile - Applies to a specific profile.
    • User - Applies to a specific user.
  4. In the Extra Settings File field, paste the ContentDocument ID from Step 3.
  5. Save your changes.


Step 5 - Verify Using Permission Check

  1. Re-run the Permission Check tool.
  2. Objects included in the JSON file should no longer be flagged as inaccessible for the configured user.
  3. If they still appear in red, double-check:
    • The JSON file format is correct.
    • Object API names are accurate.
    • The ContentDocument ID in Custom Settings matches the uploaded file.
    • The Custom Setting is applied for the configured user.