Secure Data Retrieval enforces Salesforce’s security model by dynamically grounding data access in the permissions of the user executing the prompt. This ensures compliance with CRUD (Create, Read, Update, Delete) and FLS (Field-Level Security) settings, preventing unauthorized access to sensitive data. For example, if a user lacks access to a specific object or field, the AI model cannot retrieve it for dynamic grounding.
"Run As" user permissions (A) would bypass user-specific security, posing a compliance risk.
Prompt template permissions (C) are not a Salesforce security mechanism; access is always tied to the user’s profile and sharing settings.
[Reference:, Salesforce Help Article: Secure Data Retrieval in Einstein Trust Layer ("User Context Enforcement" section)., Einstein Trust Layer Technical Guide: "Dynamic Grounding and Data Security" (User Permissions alignment)., ]
Submit