Activate or Deactivate a Session-Based Permission Set Using a Flow

If you need to give particular users permissions to access functionality during specific times or under certain conditions, session-based permission sets are the way to go. But until now, you had to use code to activate a session-based permission set. Now you can activate one easily and declaratively by using a flow.
Available in: Enterprise, Performance, Unlimited, and Developer Editions

Activating a session-based permission set using a flow is easy. First, when you create your permission set, select Session Activation Required. This selection indicates that the permissions in the permission set are available only during specified sessions. Then create a flow using the Activate Session-Based Permission Set action available in the Cloud Flow Designer.The Activate Session-Based Permission Set static action in a flow.When a user runs the flow and the action fires, permissions associated with the permission set are enabled for the user.

You can also deactivate the permission set by including the Deactivate Session-Based Permission Set action in the flow.


You can run queries, however, do not make data or object updates in flows that also activate session-based permission sets.


You have a junior buyer in your org who occasionally requires access to your Contracts object. Create a permission set with access to the object. Then create a flow that uses the Activate Session-Based Permission Set action available in the Cloud Flow Designer. In the flow, pass the permission name to the action. During runtime, the action checks who’s running the flow. When the junior buyer runs the flow, the activation process fires. When the flow completes, the buyer has access to the Contracts object for the current session.