So we're building a Portal for users to create Orders (custom object). These orders will have an Account and Contact associated to them (which the portal user chooses).
The problem we're encountering is that even though the Portal user can see the Account, we get INSUFFICIENT_PRIVILEGES on Order creation which tracks back to them not being able to see the Contact.
They can see the Account just fine, but for some reason not the Contacts. (However they CAN see Contacts that are also Portal users?) Accounts are set to 'Private' and Contacts to 'Controlled by Parent', but we're sharing the Account with the Portal user – shouldn't that be enough to grant Contact Read access? Maybe I'm missing something obvious?
Best Answer
I think, sharing the accounts with Portal user won't give them access to related contact. Account - Contact are not exactly master-Detail relationship. (You can create a contact without Account). You can enable the external sharing and pick controlled by parent. I believe , this would work and allow user to see contact if they see account. I have done and verified this but it's worthy for a shot.