+ Start a Discussion

Customer portal role hierarchy issue.

Hello friends,


I have some understanding gap with customer portal role hierarchy.


I had read on wiki as below :

"When you enable a Customer Portal on an account, the system creates a role hierarchy for the account's portal users. The portal roles are unique for each account and include the account's name. For example, “Account A Customer User.” In your organization's overall role hierarchy, this account-specific hierarchy is directly below the account owner."


So lets say  Account A was created by a salesforce user having role 'YW'
So will customer portal role hirarchy created for account A will come under this role 'YW' or any salesforce role ??


Thanks You.




Yes that comes under the role of account owner, However I saw these portal roles are not displayed into role hierarchy structure.

Hi folks, That is correct, the roles are created under the role of the account owner. You do not see these roles in the Setup > Manage Users > Roles lists because it would be unusable - a portal could have many 100s of Ks of these roles. You can however see these roles by name on the pages where you assign things to groups. For example, when creating a sharing rule, you can select a portal role by name as the source or target group. Bud Vieira PM Sharing, Salesforce.com

Hey friends. thanx for the reply,


I have a custom object 'x' . The customer portal users have create priviledge on this object. We have made this object as private.


So this object  should only be visible to salesforce user which has the role same as the user role who created the portal account or is above this role in the hierarchy.


But what we find is that the salesorce user which do not have any role assigned is also able to see the records of x object created by customer portal user.


I think this should not be possible, please tell me why this salesforce user not having any role is able to view the records created by customer portal user?


Thanks & Regards,



Hi Gnasa,


Have you reviewed the Profile or PermSet  permissions of the user who doesn't have a role? If they have any of the following permissions, they will be able to see all records of object X:


  • Modify All Data
  • View All Data
  • Modify All Records (for X)
  • View All Records (for X)

If they don't have any of these permissions, we'll have to dig deeper ...



Hey thanx,


for the fast response.. I will check it n let u know :-)




So the owner of the account must always be active while the portal user is trying to use the portal? Or is it only when the portal user is signed up ?