Skip to main content

SF-0065 · Scenario · Medium

How to hide visibility of a field from user?

✓ Verified by Vikas Singhal · Last reviewed 5/17/2026

The supported way to hide a field is Field-Level Security (FLS) on the user’s profile and/or permission sets. Unchecking the Read access on the field for that profile/perm set removes the field from every surface in the platform — page layouts, list views, reports, search results, SOQL, the API. Hiding the field from a page layout alone is not the same thing; the field is still readable elsewhere.

The three ways FLS gets set

You can set FLS from three different places, and they all update the same underlying setting:

  1. Field-Level Security on the field definition. Setup → Object Manager → [object] → Fields → [field] → Set Field-Level Security. Shows a matrix of every profile × Visible / Read-Only.
  2. Field Permissions on the profile. Setup → Profiles → [profile] → Object Settings → [object] → Field Permissions.
  3. Field Permissions on a permission set. Setup → Permission Sets → [perm set] → Object Settings → [object] → Field Permissions.

All three edit the same data — pick whichever fits your workflow. To hide a field from a specific user, identify their profile and every assigned permission set, then turn off Read on the field in all of them.

Why FLS is the only real hide

Interviewers often probe whether you understand this point: removing a field from a page layout does NOT hide it. Users can still:

  • See the field in reports.
  • See the field in list views they create.
  • Query the field via SOQL, API, Workbench, or Data Loader.
  • See the field in global search results.

Only FLS = no Read truly removes the field across the platform.

Quick step-by-step

“Hide the Commission__c field from Sales Reps.”

  1. Open Setup → Object Manager → Opportunity → Fields & Relationships → Commission__c.
  2. Click Set Field-Level Security.
  3. Uncheck Visible for the Sales Rep profile and any other profiles where it should be hidden. Save.
  4. Check every permission set that touches Opportunity — if any of them grants Read on Commission__c, the field will still be visible to users assigned that perm set. Turn it off there too if needed.

Common interview follow-ups

  • What if the field is required at the API level but I want to hide it on the page layout for some users? Make it “Read-Only” in FLS for those users instead of fully hidden — they’ll see it but can’t edit it. Required-on-page-layout doesn’t apply to API requests anyway.
  • Does FLS affect formula fields? Yes, but formula fields’ visibility is also controlled by whether the user can read the referenced fields. A formula that references hidden fields can leak data.
  • What about Compact Layout, Highlight Panel, Search Layout? FLS overrides them all — a hidden field doesn’t appear anywhere.
  • What about reports the user inherits from another team? If the report queries Commission__c and the user lacks FLS Read, the column simply doesn’t appear in the user’s view of the report. The data is not leaked.
  • Master fields and master-detail relationships? Hiding the relationship field via FLS removes the field, but the user may still access related records through navigation if they have CRUD on the child.

When you might also hide a field from the page layout

After setting FLS, you might still remove the field from a specific page layout for UX reasons — to declutter a layout for a role that could see the field but doesn’t need to in their day-to-day. That’s a layout choice; it’s not a security control.

Verified against: Salesforce Help — Field-Level Security. Last reviewed 2026-05-17.