Read restriction rules
  • 14 Feb 2025
  • Dark

Read restriction rules

  • Dark

Article summary

Use read restriction rules to grant or limit access to objects like quotes, accounts, and agreements based on dynamic conditions. These rules provide flexibility to model your business requirements around protected access to business data.

For example, a read restriction rule lets you limit user access only to their own quotes and agreements or allow them to modify opportunities only within their assigned organizational unit.

CPQ includes the following predefined restriction rules:

  • Accounts

    • User has access to account if user is its creator

    • User has access to account if user is its owner

    • User has access to account if user is one of its partner functions

  • Quotes and agreements under negotiation

    • User has access to quote if user is its creator

    • User has access to quote if user is its owner

    • User has access to quote if user is one of its partner functions

    • User has access to quote if user has access to its account

    • User has access to quote if its creator's Organization Unit is in the hierarchy of the user's Organization Unit


    Even though the rule names include only the word "quote," they apply to both quotes and agreements under negotiation. If you use only agreements management capabilities in Zilliant CPQ, you can still use these predefined rules.

  • Published agreements

    • User has access to agreement if user has access to its account

View read restriction rules

  1. From the application left navigation area, select Administration.

  2. On the top navigation bar, select Master Data Management.

  3. Scroll or search, then select Read Restriction Rule to view the list of defined rules.

Define conditions

Each read restriction rule must include at least one condition. To define a new condition:

  1. From the application left navigation area, select Administration.

  2. On the top navigation bar, select Master Data Management.

  3. Scroll or search, then select Condition.

  4. Select to add a line to the list of conditions, then select it.

  5. Enter or select values to create the condition:

    • Name—Enter a unique name for the condition. This name appears in the list of conditions used to assign to a rule.

    • Business Type—Select the object, such as account, opportunity, or quote.


      • For agreements under negotiation, select Quote as Business Type.

      • For published agreements, select Agreement as Business Type.

    • Attribute—Select an attribute, such as creator, owner, or organization unit.

    • Operator—Select an operator value.

    • Condition Value—Select a value used to perform the respective test. Available values depend on the selections made for Business Type and Attribute.

  6. Select Save.

Define read restriction rules

  1. From the application left navigation area, select Administration.

  2. On the top navigation bar, select Master Data Management.

  3. Scroll or search, then select Read Restriction Rule.

  4. Select + to add a line to the list of read restriction rules, then select it. Enter or select values  to create the read restriction rule:

    • Name—Enter a unique name for the read restriction rule.

    • Rule Status—Define whether the rule is active or inactive.

    • Conditions—Select conditions to apply to this rule. The system grants users access only when all conditions are true.

  5. Select Save.


If you use both agreements management and quoting capabilities in Zilliant CPQ, you must create the Is Quote Agreement condition and add it to all rules for agreements under negotiation. To create the condition, follow these steps and enter the following information:

  • Name—Is Quote Agreement

  • Business Type—Quote

  • Attribute—Is Quote Attribute

  • Operator—equal to

  • Condition Value—true

Was this topic helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.