The city was buzzing with excitement as the news of the latest financial technology firm, Company...
If you’ve been keeping tabs on Salesforce changes, you probably heard that profiles (think of them as a user’s default access badge) and traditional permission sets (which add extra access without replacing that badge) were on the chopping block, with a retirement date set for Spring ‘26.
Well, there’s been a plot twist: Salesforce has walked that back.
That’s right, they’re no longer enforcing the retirement of permissions on profiles in Spring ‘26. But don’t get too comfortable, because the writing on the wall is still pretty clear: Salesforce is steering the ship toward a permission set–based model.
Let’s break down what’s actually happening, what’s not happening (yet), and how your team can prepare for the future without scrambling at the last minute.
So, What Changed?
Salesforce originally announced plans to phase out most permission capabilities within profiles by Spring '26. That understandably sparked a lot of concern from admins.
Now? Salesforce hit pause. The message: “We hear you. We need to improve the admin experience before pulling the plug.”
But here’s the key point: Salesforce is no longer investing in profiles. All the new goodies—automation that simplifies repetitive tasks, policy-driven access that ensures security and compliance, and admin tools that enhance control and visibility—are being built for permission sets and permission set groups.
So yes, profiles are still here. But long-term? They’re being phased out in practice, even if not on paper (yet).
Why Start the Shift Now?
Glad you asked. It’s a strategic move, and even though you don’t have to abandon profiles right away, there are real advantages to making the move now:
- Scalability: Permission sets scale better across large or growing orgs.
- Compliance: A cleaner, more modular setup makes audits less painful.
- Future-proofing: You’ll be ready when new tools, like User Access Policies, go GA.
And let’s face it, you don't want to rush unraveling years of messy profiles and custom exceptions.
Tools That Are Shaping the Future
Here’s where Salesforce is putting its energy—and what you should get familiar with now:
Permission Set Groups—Bundle related permission sets into a single group (like everything a Sales rep needs) and assign that group to users instead of stacking permissions manually.
Why it matters: Fewer clicks, cleaner orgs, and less room for error.
User Access and Permissions Assistant (UAPA)—This free Salesforce app helps you:
- See who has what access (finally!);
- Spot over-permissioned users; and
- Test permission changes before you push them live.
Why it matters: It’s your cleanup sidekick and visibility engine.
User Access Policies (Beta)—This feature lets you automate permission assignments based on user attributes, like department, region, or title.
Why it matters: Say goodbye to manual provisioning. Let Salesforce do the heavy lifting based on logic you define.
How to Start (Without the Stress)
You don’t need to rip out profiles overnight. Instead, use this transition window to build a plan and roll it out in stages: Here’s how:
- Take Stock: Run a permissions audit using UAPA or tools like Strongpoint. You might be surprised by what you find—outdated roles, excess access, and long-forgotten permission sets.
- Group & Simplify: Create permission set groups aligned with job functions or departments. Keep it clean and logical.
- Reframe Your Strategy: Ditch the “profile plus patches” mindset. Instead, think modular and ask yourself, “What capabilities does this person need to do their job?”
- Level Up Your Team: Give your admins and architects time to learn the new tools. Salesforce Trailhead has excellent guides on permission set groups, UAPA, and access policies.
- Prep for Automation: Enrich user records with metadata like job title, department, and region. These will become rule triggers for automated access policies down the line.
The Bottom Line
- Salesforce isn’t enforcing the end of profile-based permissions (yet).
- But they’re not investing in them either.
- Everything new is happening in the permission-set ecosystem.
If you wait for a hard deadline, you’ll be playing catch-up, and that comes with risks. Transitioning early avoids future bottlenecks, improves security, and gives you more control.
Profiles might still be standing, but they’re not the future. The direction is clear: modular, automated, and scalable access management.
By starting the shift now, you’ll be in complete control of your timeline with fewer surprises.
Let’s Make It Easy
Need a hand making sense of all this?
DSG helps Salesforce teams untangle permission chaos, tighten security, and build smarter, more scalable access strategies—without the stress. Whether you’re just starting to clean up profiles or ready to roll out automation like User Access Policies, we’ve got your back.
Let’s talk. Drop us a line to schedule a quick, no-pressure consultation. Smart strategy starts with the right partner.
