Top 50 Salesforce Admin Interview Questions and Answers

Preparing for a Salesforce Admin interview ? This comprehensive guide covers the top 50 Salesforce Admin interview questions along with expert-level answers. Each answer includes clear examples and practical explanations to help you stand out. Whether you’re a beginner or an experienced admin, these questions will give you a deep understanding of core Salesforce concepts. Bookmark this page for future reference!

1. What is Salesforce and what is its core architecture?

Salesforce is the world’s leading cloud-based Customer Relationship Management (CRM) platform, designed to streamline sales, marketing, commerce, and customer service operations.

From an architectural standpoint, Salesforce operates on a Multi-Tenant Architecture. This means that multiple companies (tenants) share the exact same underlying IT infrastructure and software version, while their individual data and customizations are kept strictly isolated and secure.

2. What is the difference between Standard and Custom Objects?

In Salesforce, objects act as database tables that store specific kinds of information.

• Standard Objects: These are the default, out-of-the-box objects provided by Salesforce to support core CRM processes. Examples include Account, Contact, Lead, Opportunity, and many more. They come with built-in standard fields and specialized native functionality (e.g., Lead Conversion).
• Custom Objects: These are container objects created by an Administrator to map to a company’s unique business requirements. For example, a real estate company might create a custom object called Property__c.

Important Note: When you create a Custom Object, Salesforce automatically appends the __c suffix to its API name .

3. What is a Profile in Salesforce?

A Profile is a foundational collection of settings and permissions that define exactly what a user can see and do within the Salesforce platform. Every single user must be assigned to exactly one Profile.

Profiles historically controlled two main areas:

1. System & App Settings: Which Apps, Tabs, and Page Layouts a user sees, as well as IP restrictions and login hour limits.
2. Object & Field Security: Baseline CRED (Create, Read, Edit, Delete) permissions for objects and Field-Level Security (FLS).

Upcoming Update: Salesforce is currently transitioning away from using Profiles for object and field permissions. The modern best practice (and future mandate) is to use a “Minimum Access” Profile for base system settings, and use Permission Sets to grant all object and field-level permissions.

4. What are Permission Sets?

Permission Sets are additive security components used to grant users additional access beyond what their base Profile allows. They embody the Principle of Least Privilege, allowing administrators to grant granular access without creating dozens of bloated, customized Profiles.

Use Case: Imagine you have 50 users on a standard “Sales Rep” profile. Only 3 of those users are cross-trained to help out the Support team. Instead of creating a whole new “Sales & Support Rep” profile, you simply create a “Manage Cases” Permission Set and assign it only to those 3 specific users. Advanced Tip: Permission Sets can also be assigned temporarily (Session-Based Permission Sets) or bundled together into Permission Set Groups for easier role-based provisioning.

5. What is the purpose of Record Types in Salesforce?

Record Types are a powerful administrative tool used to offer different business processes, picklist values, and page layouts to different users based on their Profile.

How it works: A Record Type acts as an intersection point.
Real-World Example: An organization sells both to businesses (B2B) and individual consumers (B2C).

• You create a “B2B” Record Type and assign it a Page Layout showing “Company Tax ID” and “Industry” picklists.
• You create a “B2C” Record Type and assign it a Page Layout showing “Personal Email” and “Birthday.” By selecting the Record Type upon creation, the user gets a totally tailored UI and data entry experience on the exact same Account object.

6. What is the difference between a Role and a Profile?

This is one of the most common Salesforce interview questions. They serve completely different halves of the security model:

• Profile (The What): Controls Object-Level and Field-Level Security. It dictates what a user can do in the system (e.g., “Can this user Read and Edit Opportunity records? Can they see the Amount field?”).
• Role (The Which): Controls Record-Level Security. It dictates which specific records a user can see based on the organization’s Role Hierarchy (e.g., “The user can edit Opportunities, but because of their Role as a junior rep, they can only see the specific Opportunities they own, while their Manager can see the entire team’s Opportunities”).

7. What is a Restriction Rule?

While Sharing Rules and the Role Hierarchy are used to open up access to records, a Restriction Rule does the exact opposite. It enforces strict data security by limiting user access to certain records, completely overriding broader sharing settings.

Real-World Scenario: Your Org-Wide Default (OWD) for a custom Contracts__c object is set to “Public Read Only.” However, there are highly sensitive NDA contracts that only the Legal team should see. You can implement a Restriction Rule stating that if Contract_Type__c = 'NDA', then only users with the “Legal” role or profile can view the record. For everyone else, the record essentially disappears from list views, reports, and search results.

8. What is the difference between Workflow Rules, Process Builder, and Salesforce Flow?

These represent the evolution of declarative (point-and-click) automation in Salesforce.

• Workflow Rules (Legacy): The oldest automation tool. It can only execute four basic actions: Field Updates, Email Alerts, Task Creation, and Outbound Messages. It evaluates a single “If/Then” condition and only runs behind the scenes on DML operations.
• Process Builder (Legacy): A more advanced visual tool that allowed for multiple “If/Then” branches. It introduced actions like creating related records, posting to Chatter, and invoking Apex code.
• Salesforce Flow (The Modern Standard): Flow is an incredibly powerful visual programming logic engine that can query the database, loop through records, display UI screens to users (Screen Flows), and handle complex before/after save record triggers.

Important Interview Note: Salesforce has officially announced the retirement of both Workflow Rules and Process Builder. Administrators can no longer create new Workflow Rules or Process Builders. All new declarative automation must be built using Salesforce Flow, and organizations are actively migrating their legacy automations to Flow.

9. What is a Flow in Salesforce?

A Flow is an application that automates complex business processes without code. Salesforce Flow consists of:

• Screen Flows (interactive, user-facing)
• Scheduled Flows (time-based automation)
• Auto-launched Flows (run in the background)

Flows can update records, send emails, create tasks, integrate with external systems, and more. They are created using Flow Builder, a drag-and-drop tool.

10. What is a Validation Rule?

A Validation Rule is a logical expression that prevents a user from saving a record unless certain criteria are met. It helps ensure data quality and consistency.

Example: To prevent a case from being closed without providing a reason:

AND(ISPICKVAL(Status,"Closed"), ISBLANK(Reason__c))

AND(ISPICKVAL(Status,"Closed"), ISBLANK(Reason__c))

If this evaluates to TRUE, the record won’t save and an error message will be displayed.

11. What is the difference between a Lookup and a Master-Detail Relationship?

• Lookup Relationship: Creates a loosely coupled relationship between two objects. Child records can exist without a parent. Deleting a parent does not delete the child.
• Master-Detail Relationship: Creates a tightly coupled relationship where the child record is completely dependent on the parent. Deleting the parent automatically deletes the child. Roll-up summary fields can be used on master-detail relationships.

Example: An Invoice (child) might have a lookup to Account (parent), while a Line Item (child) must be related to an Order (master-detail).

12. What are Roll-Up Summary Fields?

Roll-up Summary Fields allow you to calculate values such as SUM, COUNT, MIN, and MAX on child records and display them on the parent record, but only when a master-detail relationship exists.

Example: Count the number of Opportunities related to an Account or sum the value of total closed-won Opportunities for reporting.

13. What is a Junction Object?

A Junction Object is used to create a many-to-many relationship between two objects. This is done by creating a custom object with two master-detail relationships.

Example: A custom object called “Enrollment” could serve as a junction object between “Student” and “Course”.

14. What is a Queue in Salesforce?

A Queue in Salesforce is a place where records wait to be processed. Queues are used for objects like Leads, Cases, or Custom Objects and can be assigned to groups of users.

Example: When a lead is created, it can be assigned to the Sales queue. Any sales rep can pick up the lead and work on it.

15. What are Assignment Rules?

Assignment Rules determine how leads or cases are automatically assigned to users or queues based on criteria like region, priority, or product type. This helps automate record routing.

Example: All leads from the US can be assigned to the “US Sales Team.”

16. What is the Recycle Bin in Salesforce?

The Recycle Bin stores deleted records for 15 days, during which admins or users (with permission) can restore them. After 15 days, the records are permanently deleted.

Note: You can access it from the App Launcher by searching for “Recycle Bin.”

You could read detailed information about Recycle Bin : Click Here

17. What is Data Import Wizard?

The Data Import Wizard is a point-and-click tool in Salesforce that allows users to import data for standard objects (like Contacts, Leads, Accounts) and custom objects. It is best suited for small data sets (up to 50,000 records).

18. What is Data Loader?

Data Loader is a client application used for bulk import, export, update, and delete of data. It supports larger volumes (up to 5 million records) and offers more advanced features like scheduling and command-line usage. You can download Data Loader from here.

Difference from Import Wizard: More control, better suited for admins and developers.

19. What are Sharing Rules in Salesforce?

Sharing Rules are automated rules used to extend lateral access to records for users who wouldn’t otherwise be able to see them based on the Organization-Wide Defaults (OWD) or the Role Hierarchy. It is crucial to remember that Sharing Rules can only open up access; they can never be used to restrict access.

• Owner-Based Sharing Rules: Share records owned by a specific group of users (e.g., a specific Role or Public Group) with another group of users.
• Criteria-Based Sharing Rules: Share records that meet specific field criteria (e.g., Industry = 'Technology') with a target group of users, regardless of who owns the record.

Real-World Scenario: OWD for Accounts is set to Private. You have an “Enterprise Tiger Team” that needs Read/Write access to all Accounts where Annual_Revenue__c > $1,000,000. You would create a Criteria-Based Sharing Rule to share these high-value accounts with the “Enterprise Tiger Team” Public Group.

20. What is a Public Group and when should you use it?

A Public Group is a logical grouping of users within Salesforce used primarily to simplify the administration of sharing rules, folder access (like Reports and Dashboards), and assignment rules.

Unlike Queues, which are used to take ownership of records (like Cases or Leads), Public Groups cannot own records. A Public Group can be incredibly flexible, as it can contain:

• Individual Users
• Roles
• Roles and Subordinates
• Other Public Groups (nested groups)

Best Practice: Whenever you create a Sharing Rule, avoid sharing it with specific roles if the business process might scale later. Instead, share it with a Public Group. You can easily add or remove users/roles from the Public Group later without having to recalculate or modify the core Sharing Rule.

21. How does the Role Hierarchy impact record access?

The Role Hierarchy is a data access model that reflects a company’s data visibility chain of command, which often differs from the actual HR organizational chart. It grants vertical access: users positioned higher in the hierarchy automatically gain the exact same level of access to records owned by or shared with users below them.

22. What are Organization-Wide Defaults (OWD)?

Organization-Wide Defaults (OWD) form the foundational baseline of Salesforce’s security model. They define the absolute most restrictive level of access that a user has to a record they do not own.

• Private: Only the record owner and those above them in the hierarchy can view/edit the record.
• Public Read Only: All users can view the record, but only the owner/management can edit it.
• Public Read/Write: All users can view and edit the record.
• Public Read/Write/Transfer: (Available for Leads and Cases) All users can view, edit, and change ownership of the record.

Key Concept: In Salesforce security, you start by locking down the data to the most restrictive level required by the business using OWD. Then, you use Role Hierarchy, Sharing Rules, and Manual Sharing to progressively open up access like a funnel.

23. What is Manual Sharing and who can perform it?

Manual Sharing allows users to grant one-off, specific access (Read or Read/Write) to an individual record for another User, Role, or Public Group. It is used for exception-handling when a user needs temporary access to a record that isn’t covered by OWD or automated sharing rules.

Who can manually share a record?

1. The Record Owner.
2. A user sitting above the Record Owner in the Role Hierarchy.
3. A user granted “Full Access” to the record.
4. System Administrators (or users with the “Modify All Data” permission).

Important: If the owner of a record changes, all Manual Shares associated with that record are automatically dropped by the system and must be recreated if still needed.

24. What is Field-Level Security (FLS) and how does it differ from Page Layouts?

Field-Level Security (FLS) strictly controls a user’s ability to view or edit specific fields on an object, universally. It is configured at the Profile or Permission Set level.

The Rule of FLS vs. Page Layouts: FLS is evaluated at the API/database level, while Page Layouts are only evaluated at the UI level. FLS will always override the Page Layout.

• If a field is set to “Hidden” in FLS but added to the Page Layout, the user will not see it.
• If a field is set to “Read-Only” on the Page Layout but “Editable” in FLS, the user cannot edit it on the standard UI screen, but they can still edit it via Data Loader, API, or List Views. Therefore, FLS is the only secure way to lock down sensitive data (like Social Security Numbers or Salary).

25. What is the function of a Page Layout?

Page Layouts control the visual organization of the record detail page in the classic UI structure. They determine which fields, sections, related lists, custom links, and standard/custom buttons are visible to the user.

Administrators can create multiple Page Layouts for a single object and assign them dynamically using Page Layout Assignments, which intersect the user’s Profile with the Record Type of the record being viewed. (e.g., A “Sales Profile” sees a different layout for a “Software Deal” Record Type than a “Support Profile” does).

26. What is a Compact Layout?

A Compact Layout determines which key fields appear in the Highlights Panel at the very top of a record page in Lightning Experience, as well as in the Salesforce Mobile App header and in the preview cards that appear when you hover over a lookup relationship link.

27. What are Lightning Record Pages and how do they differ from Page Layouts?

While Page Layouts organize the traditional “Details” tab and “Related Lists,” Lightning Record Pages govern the entire architecture of the screen in Salesforce Lightning. Built using the Lightning App Builder, they allow admins to drag and drop standard, custom, or third-party Lightning Components onto a page.

The Superpower of Lightning Pages: Dynamic Component Visibility. You can configure a Lightning Record Page to conditionally show or hide entire components (or field sections using Dynamic Forms) based on record data, user profiles, or device type. For example, you can set a bright red “Overdue Account” Rich Text warning component to only appear if the Account_Status__c field equals ‘Overdue’.

28. What is the Salesforce AppExchange?

The AppExchange is Salesforce’s enterprise cloud marketplace. It is a massive ecosystem where administrators and developers can find, evaluate, and install third-party applications, Lightning components, Bolt solutions, and consulting services to extend the functionality of their Salesforce org without writing custom code.

Types of Packages:

Unmanaged Packages: Open-source templates. Once installed, the code and metadata are fully visible and editable by your team, but they cannot be automatically upgraded by the creator and do count against your org limits.

Managed Packages: Fully upgraded, supported, and protected apps (like DocuSign or Conga Composer). Their code is hidden, and they do not count against your org’s custom code or object limits.

29. What is a Sandbox?

A Sandbox is a copy of your production environment used for development, testing, and training without affecting real data. Types include Developer, Developer Pro, Partial Copy, and Full Sandbox.

Tip: Always test in Sandbox before deploying to Production.

You can refer this for more detailed information about Sandbox differences Click here

30. How do you deploy changes from Sandbox to Production?

You can deploy changes using Change Sets, Salesforce CLI (SFDX), or third-party tools like Gearset or Copado.

Best Practice: Use outbound change sets to migrate metadata and test using validation before deploying.

31. What is a Change Set?

A Change Set is a deployment tool in Salesforce used to transfer metadata (like objects, fields, workflows) between related orgs, typically from Sandbox to Production.

Limitation: You cannot use Change Sets to deploy data.

32. What are Reports in Salesforce?

Reports are lists of records that meet defined criteria. You can summarize data, apply filters, and group by fields. Salesforce offers four types: Tabular, Summary, Matrix, and Joined Reports.

You can refer this for more detailed information about Reports : Click here

33. What are Dashboards and Dynamic Dashboards?

A Dashboard is a visual representation of report data, utilizing components like charts, tables, metrics, and gauges to provide real-time, at-a-glance insights for decision-making. Every dashboard component is powered by an underlying “Source Report.”

Technical Nuance (Dynamic Dashboards): By default, a dashboard runs as a specific user (e.g., the VP of Sales), meaning everyone who views it sees exactly what the VP sees, regardless of their own security settings. A Dynamic Dashboard, however, runs as the “Logged-in User.” This means the dashboard securely filters its data in real-time, ensuring users only see the metrics derived from records they personally have access to.

34. What is a Report Type (Standard vs. Custom)?

A Report Type is the architectural blueprint that dictates which objects, relationships, and fields are available when a user builds a report.

• Standard Report Types: Automatically generated by Salesforce when objects and relationships are created (e.g., “Accounts with Contacts”). They are rigid and only show “A with B” relationships.
• Custom Report Types (CRTs): Built by administrators to handle complex reporting needs.

The Power of CRTs: A Custom Report Type allows you to link up to 4 objects. More importantly, it allows you to query “A with or without B” (an outer join), rename columns specifically for that report type, and bring in fields via lookup relationships without explicitly adding the object to the report hierarchy.

35. What are Report Subscriptions (Scheduled Reports)?

Report Subscriptions allow users to schedule reports to run automatically at defined intervals (daily, weekly, or monthly) and have the results emailed to themselves or a group of users.

Use Case: Automatically emailing a “High Priority Open Cases” report to the Support Management team every morning at 8:00 AM.
Limit: An individual user can typically subscribe to up to 7 reports. Administrators must be mindful of this limit and utilize Public Groups or dashboard subscriptions for wider distribution.

36. What is the App Launcher?

The App Launcher is the primary navigation grid in Lightning Experience (the 3×3 dots icon in the top left). It serves as the master menu allowing users to quickly search for and switch between Lightning Apps, standard objects, custom objects, and connected external applications.

Admin Tip: You can control which Apps and Tabs appear in the App Launcher for different users by modifying their Profile or Permission Set settings, ensuring a clean, role-specific UI.

37. What is the difference between Global Actions and Object-Specific Actions?

Actions in Salesforce are shortcuts that allow users to quickly create records, log calls, or trigger flows.

• Global Actions: Located in the global header (the ‘+’ icon at the top right). They can be accessed from anywhere in Salesforce. Because they are global, they have no automatic relationship to the record you are currently viewing. (e.g., “Log a General Call” or “Create a New Lead”).
• Object-Specific Actions: Located on a specific record’s page layout. They automatically establish a relationship. If you click a “New Contact” object-specific action while on the “Acme Corp” Account page, the new Contact is automatically parented to Acme Corp.

38. What is Chatter and Feed Tracking?

Chatter is Salesforce’s secure, enterprise-level social collaboration tool. It allows users to post updates, share files, run polls, and @mention colleagues directly on records or in dedicated groups.

Feed Tracking: An essential Admin feature that automatically posts a system-generated update to the Chatter feed whenever a user changes a tracked field.
Real-World Example: If you enable Feed Tracking on the Amount field of an Opportunity, the entire sales team is immediately notified in the Chatter feed whenever a deal’s value increases or decreases, creating a transparent audit trail of collaboration.

39. What defines a Lightning App?

A Lightning App is a curated collection of navigation tabs, objects, and components tailored to support a specific business process or persona (e.g., a “Sales App” vs. an “IT Helpdesk App”).

Customization via App Manager: Administrators can deeply customize a Lightning App by choosing its branding (colors/logos), determining its navigation style (Standard Navigation vs. Console Navigation), and adding a Utility Bar , a fixed footer that gives users instant access to tools like a CTI Softphone, Notes, or Recent Items no matter where they navigate within the app.

40. What is the difference between Matching Rules and Duplicate Rules?

These two features work together to maintain data hygiene, but they serve completely different purposes:

• Matching Rules (The How): Define the exact logic and criteria used to identify if a record is a duplicate. (e.g., “Match if First Name is fuzzy, AND Last Name is exact, AND Email is exact”).
• Duplicate Rules (The What): Define what action the system should take when the Matching Rule finds a duplicate. Should it Block the user from saving? Or should it Allow the save but show a warning Alert and log it in a Duplicate Report?

Important Note: You can configure Duplicate Rules to bypass restrictions for specific users, such as Integration Users, to ensure API data syncs don’t fail unexpectedly.

41. What are Custom Settings?

Custom Settings are similar to custom objects and allow administrators to store configuration data in the system cache, meaning it can be accessed extremely fast by Apex code, validation rules, or flows without querying the database (saving SOQL limits).

• Hierarchy Custom Settings: Can assign different configuration values based on the specific User or Profile accessing them (e.g., defining different discount limits for the Sales Rep profile vs. the Sales VP profile).
• List Custom Settings: (Note: These are legacy and strongly discouraged by Salesforce. Administrators should use Custom Metadata Types instead).

42. What is a Custom Metadata Type (CMDT)?

Custom Metadata Types are the modern, superior alternative to List Custom Settings. They allow you to define custom configurations, mappings, and application secrets that are accessible across the platform.

Advantage: Because they are metadata and not data, Custom Metadata records can be packaged and deployed between environments (from Sandbox to Production) using Change Sets or DevOps tools. Additionally, querying CMDT via SOQL in Apex does not count against the transaction’s 100 SOQL query governor limit.

43. How does Field History Tracking work and what are its limits?

Field History Tracking is an auditing feature that tracks the lifecycle of field changes. When enabled, it records the Old Value, the New Value, the User who made the change, and the Date/Time of the change in a related history list.

• The history data is only retained and visible in the UI for 18 months, and queryable via the API for up to 24 months. If an enterprise requires longer retention (e.g., for compliance), they must purchase the “Field Audit Trail” add-on.

44. What is a Permission Set Group?

A Permission Set Group (PSG) is a feature that allows Administrators to bundle multiple Permission Sets together into a single, assignable persona.

Use Case: Instead of individually assigning a “Create Reports” permission set, an “Export Data” permission set, and a “Manage Leads” permission set to every new hire, you bundle them all into a “Sales User PSG.” Advanced Feature (Muting): PSGs include “Muting Permission Sets,” which allow you to subtract a specific permission from the group. If the Sales User PSG grants delete access, but you have junior reps who shouldn’t delete records, you can use a muting permission set to strip away that specific right without altering the base permission sets.

45. What is a Formula Field ?

A Formula Field is a read-only field that automatically derives its value in real-time by evaluating a formula expression using math operations, text concatenations, logical IF statements, or cross-object references.

46. What are Dynamic Forms?

Dynamic Forms allow you to show/hide fields and sections on a Lightning Record Page based on user permissions or record data without using page layouts.

Tip: Increases performance and user experience.

47. What are Dynamic Actions?

Dynamic Actions enable you to control the visibility of action buttons (like Edit, Delete) on a Lightning Record Page. Visibility can be based on user profile, record field, or device.

48. What are Audit Fields in Salesforce?

Audit Fields include Created By, Created Date, Last Modified By, and Last Modified Date. These fields help track who made changes and when.

Admin Tip: You can request Salesforce to enable field value setting for these during data migration.

49. What are Login IP Ranges and Login Hours?

These are profile-level security settings:

• Login IP Ranges: Restrict logins from specific IP addresses.
• Login Hours: Restrict logins to specific time ranges.

Example: Only allow logins from office IPs during business hours.

50. What is the difference between Profile and Permission Set?

• Profile: A Profile is mandatory for every user and defines their baseline access to Salesforce features, including object, field, tab, and app access. It also sets rules for login hours, IP restrictions, and more.
• Permission Set: A Permission Set is an add-on that extends a user’s access without modifying their Profile. It is used to grant additional permissions to specific users when needed.

Example:
A user in the “Sales Rep” profile has access to create and edit Opportunities. However, they may need access to custom reports for a special campaign. Instead of creating a new profile, you can assign a Permission Set called “Custom Reports Access” to that user.

Best Practice: Use minimal profiles and layer on permission sets to scale access management.