Authorization

Authorization is the process of determining what a user is permitted to do within a CRM after their identity has been confirmed through authentication. Where authentication answers "Who are you?", authorization answers "What are you allowed to access?" In B2B CRM, authorization is typically managed through a combination of roles, permission sets, and record-level sharing rules that together define whether a user can view, create, edit, or delete specific records. Getting authorization right is critical for protecting sensitive commercial data — ensuring that a sales rep in one region cannot see accounts owned by another territory, or that a partner portal user cannot access internal pricing.