Breadcrumbs

Set up Care permissions

Care access is controlled by a set of granular permissions. Each permission grants a specific capability — for example, working with cases, deleting cases, or managing case fields. Administrators combine these permissions in roles to build the level of access each team member needs.

This article defines the permissions and what each one allows. To learn where to configure them in your account, use the chooser below.

Configure these permissions in your account

How you set up Care permissions depends on which governance model your account uses. If you are not sure which one applies, see User Roles and Permissions .

For information about Teams, see Govern Access to Account Resources Using Teams .

Care permissions

The following permissions are available for Care. Access care permission is the main one granting the access to Care module. All other permission can be turned on independently once the main one is activated.

Permissions that control what users can do with cases

Permission

What it allows

Access care

Access Care and work with cases assigned to the user, plus cases available through shared views. This is the baseline permission for using Care.

See all cases

Extends access beyond assigned cases and cases available through shared views. The user can view and work with all cases in the account, including unassigned cases and cases assigned to other users.

Delete cases

Permanently delete cases in Care, both individually and in bulk. Without this permission, the Delete option appears disabled (unclickable) in the case detail and in the bulk action bar.

Permissions that control Care settings

Each of these permissions grants access to one area of Settings > Care. Without the permission, the corresponding entry in the Care settings sidebar is disabled for the user.

Permission

What it allows

Manage case fields

Create, edit, reorder, activate or deactivate, and delete case fields in Settings > Care > Case fields.

Manage views

Create, reorder, activate or deactivate, and delete views in Settings > Care > Views. The user also sees every view in the account in the Care module, including views that were not explicitly shared with them.

Manage SLA policies

Configure targets, milestones, and conditions in Settings > Care > SLA policies.

Manage resources

Manage Skills, Capacity, and Auto-assignment in Care settings (assign skills, set capacity limits, enable or adjust auto-assignment).

Manage Care workflows

Create and manage workflows in Settings > Care > Workflows — automation rules such as auto-close, auto-unassign, automatic status changes, and grace period.

Permission that controls Care reporting

Permission

What it allows

Access Care reporting

Access Care reporting in Dashboards and Unified Analytics, including the Care self-service data source.

What every Care user can do, regardless of permissions

The following actions are part of the baseline Access care permission. Every user who can access Care can do these things on the cases they have access to (whether assigned, available through a shared view, or — with See all cases — any case in the account):

To interact with the customer in the case conversation (reply, like messages, and so on) and to assign a profile to a case, the user must also be assigned to the case. For more information, see Respond to a Care Case and Assign a Profile to a Care Case .

To delete a case, the user must also have the Delete cases permission. For more information, see Delete a Care Case .

Build a role for a specific Care job

Combine the permissions above to match the work a role is supposed to do. Some common patterns:

  • Front-line Care user. Only Access care. Works on assigned cases and shared views. Cannot change Care settings.

  • Team lead. Access care, See all cases, Manage views, and Manage case fields. Can oversee all cases and shape how the team organizes them, without full administrative control.

  • Care administrator. Every permission turned on. Full control over Care cases, settings, and reporting.

  • Reporting-only user. Only Access Care reporting. Sees Care metrics in Dashboards and Unified Analytics.

  • Senior agent. Access care, See all cases, and Delete cases. Can pick up unassigned cases or help across the team with an additional perk to delete cases.

For step-by-step instructions, see the procedure for your account type:

Connecting Care users to profiles

Profile permissions control two things in Care: which social profiles a user can interact with (publish, reply, like), and which cases from those profiles the user can see and manage. A user without a profile permission cannot see any cases originating from that profile, regardless of their Care role permissions.

How profile permissions are set up depends on your governance model:

Cases from social monitoring (Listening) that have no associated profile are accessible to all users with the Access care permission, regardless of profile permission setup.

Care-Salesforce integration permissions

Setting up the bi-directional integration between Care and Salesforce requires specific administrative permissions in addition to Care permissions. To learn more, see Set Up an Account Role with Permissions for Salesforce Integration .