Allow Account Deletion Only for System Admins

In Salesforce, protecting mission-critical data like Account records is non-negotiable. These records often serve as the foundation for opportunities, contacts, cases, and more. Accidental or unauthorized deletions can lead to broken relationships, lost history, and major gaps in reporting.

In this blog, we explore an Apex trigger that adds a layer of security by ensuring only users with the System Administrator profile can delete Account records. It’s a simple yet powerful safeguard that enforces organizational data protection policies and reduces the risk of unintentional data loss.

This trigger runs in the before delete context and checks the profile of the user attempting the deletion. If the user is not a System Administrator, they are blocked from proceeding with a clear error message.

🧠 Why This Trigger Is Important


Even with Salesforce profiles and permissions, users might find themselves able to delete important data—especially during bulk operations, data imports, or when using tools like the Developer Console. While the user interface can limit access, triggers provide an additional layer of enforcement directly at the platform level.

With this trigger in place:

  • Account deletions are limited to trusted admin-level users

  • Unauthorized deletions are immediately blocked

  • A clear error message guides users without confusing them

  • System data remains protected, even if permission sets are modified or overlooked

  • You gain control over critical lifecycle events without needing complex approval flows

This is a smart way to make your Salesforce environment more secure, predictable, and audit-ready.

🔍 What This Blog Covers


  • How to enforce profile-based access control using Apex

  • Why it’s important to restrict deletion of master data like Accounts

  • How to use trigger logic to supplement user profiles and sharing rules

  • How to prevent record deletion during before delete events

  • How to structure the logic inside a handler class for maintainability

  • Where this fits into your broader Salesforce governance strategy

This approach gives you full control over who can delete what—no matter how the deletion is triggered.

🎯 Real-World Use Cases for This Trigger


  • Organizations with multiple user roles where only admins should delete Accounts

  • Sales teams needing protection from accidental deletions

  • Support environments where Account deletion could break related case data

  • CRM admins enforcing governance policies across teams

  • Audit-driven industries where data traceability and protection are required

Whether you’re managing a small team or a global Salesforce instance, this trigger ensures that your data stays safe and secure—only modifiable by those with full clearance.

👨‍💻 Developer & Admin Tips


Here’s how the trigger works:

  • It runs during the before delete phase, meaning it can stop the deletion before it happens

  • It checks the profile of the current user

  • If the user is not assigned the System Administrator profile, the system blocks the deletion and displays a helpful error message

The error is raised using a native platform method that prevents the DML action from completing. It’s immediate, effective, and visible directly in the user interface.

To keep things clean and reusable, the logic is placed in a trigger handler class. This setup supports better testing, scalability, and future enhancements if your business rules evolve.

This trigger is:

  • User-friendly — shows an explanatory message, not a system error

  • Bulk-safe — processes all records in the deletion list

  • Security-focused — adds control directly into your data layer

You can enhance this logic to:

  • Allow deletions by specific profiles or permission sets

  • Restrict deletions only for certain Account types or statuses

  • Add audit logs or Chatter notifications when a deletion attempt is blocked

Always test this trigger with both admin and non-admin profiles to confirm expected behavior across UI, API, and integration entry points.

🎥 Visual Demo Available – YouTube Playlist


For a step-by-step breakdown of this implementation, check out the Salesforce Makes Sense YouTube playlist. The video walkthrough includes:

  • How the trigger and handler are structured

  • Live testing of deletion attempts with different user profiles

  • Tips for customizing the logic to fit your org’s needs

  • A visual look at how the error message appears to end users

The playlist is designed to help both admins and developers implement these real-world Salesforce solutions with clarity and confidence.

Solution:

trigger AccountTrigger on Account (before delete)
             { if(Trigger.isDelete){ if(Trigger.isBefore){
                                                                      AccountTriggerHandler.checkProfileForDeletion(Trigger.old);
                        }
       }
}
public class AccountTriggerHandler{ public static void checkProfileForDeletion(List
          accList){

               Profile p = [SELECT Id FROM Profile WHERE Name = ‘System Administrator’];
               for(Account acc:accList){
               if(UserInfo.getProfileId() != p.Id){ acc.addError(‘Only System Administrator can delete
               Account’);
                             }
                }
       }
}

Want to Apply As Content Writer?

Apply Now!

Leave a Comment

Your email address will not be published. Required fields are marked *
Shopping Cart

Let's get you started!

Interested in writing Salesforce Content?

Fill in this form and we will get in touch with you :)