Erick Sixto
Book a call
Products·Available now

Access Analyzer

Explain why any user has or lacks any permission

Available now
$199USD
Get Access →

RequiresEnterprise, Unlimited, Developer, Performance. Not supported on Professional, Essentials, Group editions.

Features

What's inside.

Trace any permission

Pinpoint the exact profile or permission set granting access

One-click fix

Ship the minimum safe change, from the same screen

Works on any permission

Object, field, record type, app — anything a profile or perm set can grant

No data leaves your org

Runs entirely inside Salesforce. No external services.

In action
CRUD results — every source evaluated, decisive winner highlighted.
CRUD results — every source evaluated, decisive winner highlighted.
Field-level detail — read, edit, and hidden states per field.
Field-level detail — read, edit, and hidden states per field.
Record-page widget — auto-detects the object and user in context.
Record-page widget — auto-detects the object and user in context.
Standalone app — for deep audits on any user and permission.
Standalone app — for deep audits on any user and permission.
Overview

Why Access Analyzer

Every Salesforce admin has lived this: a user swears they can't see a field, or can see one they shouldn't. You open their profile. Then permission sets. Then permission set groups. Then muting sets. Thirty minutes later you still aren't sure which one is the decisive source.

Access Analyzer collapses that maze into one clear answer.

What you get

  • The decisive source, highlighted. Profile, permission set, permission set group, muting set — all evaluated together. The winning source is called out so you know exactly what to edit.
  • Object and field-level detail. CRUD at the object. Read/edit/hide at the field. All on one screen, for any user, on any object.
  • Works on every page. A standalone app for deep audits, plus a record-page widget that auto-detects the current object. Drop it on Account, Opportunity, or a custom object — zero configuration.
  • Copy-ready explanations. Plain-English sentences you can paste straight into a Jira ticket, audit note, or help-desk reply.
  • Stays in your org. No external services. No data leaves Salesforce. Nothing persisted beyond the package's own metadata.

Who it's for

Admins running orgs with more than a handful of profiles and permission sets. Especially:

  • Teams onboarding users into roles that were defined three admins ago.
  • Security reviewers who need an evidence trail, not a theory.
  • Consultants auditing an org on their first week.

How it works

Install the package. Open the Access Analyzer app from the App Launcher, pick a user and a permission, and read the answer. Or add the Access Analyzer Widget to any Lightning record page and it auto-detects the object and user in context.

Both surfaces return the same information: every source that grants (or denies) the permission, with the decisive winner highlighted.

Salesforce edition requirements

Access Analyzer is built on Apex and Lightning Web Components, which require an edition that allows installed Apex code.

Works on: Enterprise, Unlimited, Developer, and Performance editions (including their sandboxes and scratch orgs).

Does not work on: Professional, Essentials, and Group editions — these Salesforce editions do not allow installed Apex, which the tool depends on. If you're on one of these, there's no workaround; Salesforce itself blocks the install.

Questions

Does it touch my data?

No. Everything runs inside your Salesforce org. Nothing is persisted, nothing is exported, no external services are called. Strict CRUD and FLS enforcement throughout.

How does installation work?

One URL opens the Salesforce installer. Takes about two minutes. Works in Production, Sandbox, Developer Edition, and Scratch orgs.

Which Salesforce editions are supported?

Access Analyzer requires Apex class support, so it works on Enterprise, Unlimited, Developer, and Performance editions. It does NOT work on Professional, Essentials, or Group editions — those do not allow installed Apex. Sandbox and scratch orgs of supported editions are fully supported.

What happens if I find the permission is wrong?

Access Analyzer explains exactly which profile or perm set to edit. You make the fix in Setup — the tool points to the decisive source so you change the minimum safe thing.

Is it on the AppExchange?

No — Access Analyzer is distributed directly as an Unlocked Package. That means no Security Review queue, no middleman, and a lower price. You install it with a URL just like an AppExchange package.

Can I see the source code?

Yes — this is distributed as an Unlocked Package, so all Apex, LWC, and metadata is readable inside your org after install.

How do I uninstall?

Setup → Installed Packages → Uninstall. Access Analyzer stores no data outside its own metadata, so uninstall is clean.

Get access

Ready to install?

One URL. Two minutes. Works in every Salesforce edition that supports installed Apex code.

Buy now — $199