Tooling API

Introducing Tooling API
SOAP Calls
Tooling API Objects and Namespaces
Tooling API Objects
AccountPlanObjMeasCalcCond
AccountPlanObjMeasCalcDef
ActivationPlatform
AdvAcctFrcstDisplayGroup
AdvAccountForecastSet
AdvAcctForecastMeasureDef
AIApplication
AIApplicationConfig
AnimationRule
ApexClass
ApexClassMember
ApexCodeCoverage
ApexCodeCoverageAggregate
ApexComponent
ApexComponentMember
ApexEmailNotification
ApexExecutionOverlayAction
ApexExecutionOverlayResult
ApexLog
ApexOrgWideCoverage
ApexPage
ApexPageInfo
ApexPageMember
ApexResult
ApexTestQueueItem
ApexTestResult
ApexTestResultLimits
ApexTestRunResult
ApexTestSuite
ApexTrigger
ApexTriggerMember
AssignmentRule
AuraDefinition
AuraDefinitionBundle
AuthorizedEmailDomain
AutoResponseRule
BrandingSet
BrandingSetProperty
BriefcaseDefinition
BusinessProcess
BusinessProcessDefinition
BusinessProcessFeedback
BusinessProcessGroup
BusProcessFeedbackConfig
Certificate
CleanDataService
CleanRule
ColorDefinition
CommunityWorkspacesNode
CompactLayout
CompactLayoutInfo
CompactLayoutItemInfo
ConnectedApplication
ContactCenterChannel
ContainerAsyncRequest
ConversationChannelDefinition
ConversationVendorInfo
CspTrustedSite
CustomApplication
CustomField
CustomFieldDisplay
CustomFieldMember
CustomHelpMenuSection
CustomHttpHeader
CustomNotificationActionGroup (Beta)
CustomNotifActionDef (Beta)
CustomNotificationType
CustomMsgChannel
CustomObject
CustomTab
DataAssessmentConfigItem
DataIntegrationRecordPurchasePermission
DataSourceBundleDefinition
DataStreamTemplate
DataType
DebugLevel
DelegateGroup
DelegateGroupGrant
DelegateGroupMember
DeployDetails
DeployRequest
Document
DomainProvision
DuplicateJobDefinition
DuplicateJobMatchingRuleDefinition
EmailTemplate
EmbeddedServiceBranding
EmbeddedServiceConfig
EmbeddedServiceCustomComponent
EmbeddedServiceCustomization
EmbeddedServiceCustomLabel
EmbeddedServiceFieldService
EmbeddedServiceFlow
EmbeddedServiceFlowConfig
EmbeddedServiceLiveAgent
EmbeddedServiceMenuItem
EmbeddedServiceMenuSettings
EmbeddedServiceQuickAction
EmbeddedServiceResource
EngagementInsightType
EnrichedField
EntityDefinition
EntityLimit
EntityParticle
EventDelivery
EventRelayConfig
EventSubscription
ExtConvParticipantIntegDef
ExternalAuthIdentityProvider
ExternalClientAppSettings
ExternalCredential
ExternalDataSource
ExternalDataSrcDescriptor
ExternalServiceRegistration
ExternalString
ExternalDataTransportFieldTemplate
ExternalDataTransportObjectTemplate
ExternalStringLocalization
FieldDefinition
FieldMapping
FieldMappingField
FieldMappingRow
FieldRestrictionRule
FieldSet
FlexiPage
Flow
FlowDefinition
FlowElementTestCoverage
FlowTest
FlowTestCoverage
FlowTestResult
ForecastingDisplayedFamily
ForecastingFilter
ForecastingFilterCondition
ForecastingSourceDefinition
ForecastingType
ForecastingTypeSource
FormulaFunction
FormulaFunctionAllowedType
FormulaOperator
GenAiFunctionDefinition
GenAiPlannerDefinition
GlobalValueSet
Group
GtwyProvPaymentMethodType
HeapDump
HistoryRetentionJob
HomePageComponent
HomePageLayout
IconDefinition
InboundNetworkConnection
InboundNetworkConnProperty
Index
IndexField
InstalledSubscriberPackage
InstalledSubscriberPackageVersion
InvocableActionExtension
IPAddressRange
KeywordList
Layout
LightningComponentBundle
LightningComponentResource
LightningOutApp
LookupFilter
ManagedContentNodeType
ManagedContentType
ManagedEventSubscription (Beta)
MarketingAppExtension
MarketingAppExtAssignment
MarketingAppExtActivity
MarketingAppExtAction
MatchingRule
MenuItem
MetadataComponentDependency (Beta)
MetadataContainer
MetadataPackage
MetadataPackageVersion
MLDataDefinition
MLField
MLFilter
MLPredictionDefinition
ModerationRule
NamedCredential
ObjectHierarchyRelationship
OmniSupervisorConfig
OperationLog
OpportunitySplitType
OrgDomainLog
OutboundNetworkConnection
OutboundNetworkConnProperty
OwnerChangeOptionInfo
PackageInstallRequest
PackageUploadRequest
PackageVersionUninstallRequestError
PathAssistant
Package2
Package2Member
Package2Version
Package2VersionCreateRequest
Package2VersionCreateRequestError
PardotTenant
PathAssistantStepInfo
PathAssistantStepItem
PaymentGatewayProvider
PermissionDependency
PermissionSet
PermissionSetAssignment
PermissionSetGroup
PermissionSetGroupComponent
PermissionSetTabSetting
PipelineInspMetricConfig
PlatformEventChannel
PlatformEventChannelMember
PlatformEventSubscriberConfig
PresenceDeclineReason
PresenceUserConfig
PostTemplate
ProcessFlowMigration
ProductAttributeSet
Profile
ProfileLayout
Publisher
QueryResult
QueueRoutingConfig
QuickActionDefinition
QuickActionList
QuickActionListItem
RecentlyViewed
RecommendationStrategy
RecordActionDeployment
RecordType
RegisteredExternalService
RelatedListColumnDefinition
RelatedListDefinition
RelationshipDomain
RelationshipInfo
ReleaseUpdate
ReleaseUpdateStep
RemoteProxy
RestrictionRule
SandboxInfo
SandboxProcess
SandboxProcessStage
SchedulingObjective
SchedulingRule
SearchLayout
SecurityHealthCheck
SecurityHealthCheckRisks
ServiceChannel
ServiceFieldDataType
ServicePresenceStatus
Scontrol
ShiftSegmentType
SiteDetail
Skill
SOQLResult
SourceMember
SourceMemberDeployRequest
StandardAction
StaticResource
SubscriberPackage
SubscriberPackageVersion
SubscriberPackageVersionUninstallRequest
SvcCatalogCategory
SvcCatalogCategoryItem
SvcCatalogFulfillFlowItem
SvcCatalogFulfillmentFlow
SvcCatalogItemDef
SymbolTable
TabDefinition
Territory2SupportedObject
TestSuiteMembership
TimeSheetTemplate
TimeSheetTemplateAssignment
TraceFlag
TransactionSecurityPolicy
User
UserAccessPolicy
UserAccessPolicyAction
UserAccessPolicyFilter
UserCriteria
UserEntityAccess
UserFieldAccess
ValidationRule
VirtualVisitConfig
WebLink
WebStoreTemplate
WorkflowAlert
WorkflowFieldUpdate
WorkflowOutboundMessage
WorkflowRule
WorkflowTask
WorkSkillRouting
WorkSkillRoutingAttribute
SOAP Headers for Tooling API
REST Headers for Tooling API
PDF

Newer Version Available

This content describes an older version of this product. View Latest

RestrictionRule

Represents a restriction rule or a scoping rule. A restriction rule has EnforcementType set to Restrict and controls the access that specified users have to designated records. A scoping rule has EnforcementType set to Scoping and controls the default records that your users see without restricting access.
This object is available in API version 52.0 and later.

Supported SOAP API Calls

create(), delete(), describeSObjects(), query(), retrieve(), update(), upsert()

Supported REST API Methods

DELETE, GET, HEAD, PATCH, POST, Query

Special Access Rules

Only users with the View Restriction and Scoping Rules permission can view restriction rules and scoping rules via the API. Only users with the Manage Sharing permission can view, create, update, and delete restriction rules and scoping rules.

Fields

Field Details
Description
Type
textarea
Properties
Filter, Group, Nillable, Sort
Description
Required. The description of the rule.
DeveloperName
Type
string
Properties
Filter, Group, Sort
Description
The unique name for the RestrictionRule object.
This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores. This field is automatically generated, but you can supply your own value if you create the record using the API.
Only users with View DeveloperName OR View Setup and Configuration permission can view, group, sort, and filter this field.
EnforcementType
Type
picklist
Properties
Defaulted on create, Filter, Group, Restricted picklist, Sort
Description
Required. The type of rule.
Possible values are:
  • FieldRestrict—Don’t use.
  • Restrict—Restriction rule.
  • Scoping—Scoping rule.
FullName
Type
string
Properties
Create, Group, Nillable
Description
Required. The full name of the associated RestrictionRule in Metadata API. The full name can include a namespaceprefix.
Query this field only if the query result contains no more than one record. Otherwise, an error is returned. If more than one record exists, use multiple queries to retrieve the records. This limit protects performance.
IsActive
Type
boolean
Properties
Defaulted on create, Filter, Group, Sort
Description
Indicates whether the rule is active (true) or not (false). The default value is false.
Language
Type
picklist
Properties
Defaulted on create, Filter, Group, Nillable, Restricted picklist, Sort
Description
The language of the rule. The value for this field is the language value of the org.
MasterLabel
Type
string
Properties
Filter, Group, Sort
Description
Label for the rule.
Metadata
Type
mns:RestrictionRule
Properties
Create, Nillable, Update
Description
The restriction rule’s metadata.
Query this field only if the query result contains no more than one record. Otherwise, an error is returned. If more than one record exists, use multiple queries to retrieve the records. This limit protects performance.
RecordFilter
Type
textarea
Properties
Create, Filter, Group, Sort, Update
Description
Required. The criteria that determine which records are accessible via the rule.
TargetEntity
Type
picklist
Properties
Filter, Group, Restricted picklist, Sort
Description
Required. The object for which you're creating the rule. We recommend that you don’t edit this field after the rule is created.

If EnforcementType is set to Restrict, custom objects, external objects, and these objects are supported:

  • Contract
  • Event
  • Quote
  • Task
  • TimeSheet
  • TimeSheetEntry

If EnforcementType is set to Scoping, custom objects and these objects are supported:

  • Account
  • Case
  • Contact
  • Event
  • Lead
  • Opportunity
  • Task
UserCriteria
Type
textarea
Properties
Create, Filter, Group, Sort, Update
Description
Required. The users that this rule applies to, such as all active users or users with a specified role or profile.
Version
Type
int
Properties
Filter, Group, Sort
Description
Required. The rule's version number.

Usage

The following is an example of a RestrictionRule representing a restriction rule.

1{
2    "FullName":"restriction_rule_tasks_you_own",
3    "Metadata": {
4        "active":true,
5        "description":"Allows users of a specific profile to see only tasks that they own.",
6        "enforcementType":"Restrict",
7        "masterLabel":"Tasks You Own",
8        "recordFilter":"OwnerId = $User.Id",
9        "targetEntity":"Task",
10        "userCriteria":"$User.ProfileId = '00exxxxxxxxxxxx'",
11        "version":1
12    }
13}

The following is an example of a RestrictionRule representing a scoping rule.

1{
2    "FullName":"Department A contact scoping rule",
3    "Metadata": {
4         "active":true,
5         "description":"View contacts from Department A.",
6         "enforcementType":"Scoping",
7         "masterLabel":"SR for Department A",
8         "recordFilter":"Department=$User.Department",
9         "targetEntity":"Contact",
10         "userCriteria":"$User.UserRoleId = '00Exxxxxxxxxxxx'",
11         "version":1
12    }
13}