Free Tool — No Signup Required

Salesforce Sharing Rules & OWD Auditor

Paste Sharing Rules metadata XML or your Org-Wide Defaults summary, or upload .sharingRules-meta.xml files. Instantly surface over-permissive OWD settings, public group leaks, criteria sprawl, and stale rules — all in your browser.

🔒 All analysis runs client-side. Your sharing metadata never reaches a server.
Paste your Sharing Rules XML
Retrieve from SFDX: sf project retrieve start -m SharingRules then paste. Multiple objects supported — concatenate them.
Optional: Paste OWD Summary (enhances analysis)
Paste your org's OWD matrix from Setup → Sharing Settings. Format: ObjectName: Internal=Private, External=Private (one per line)
Paste your Org-Wide Defaults summary
From Setup → Sharing Settings. One object per line: ObjectName: Internal=AccessLevel, External=AccessLevel
🔗

Drop your Sharing Rules files here

Retrieve from SFDX: sf project retrieve start -m SharingRules

.sharingRules-meta.xml Multiple objects OK
Each file corresponds to one object's sharing rules. Drop multiple to audit your full sharing model.

Auditing your sharing model…

Running all risk checks. Usually takes under a second.

Parsing sharing rules and OWD metadata
Checking OWD for over-permissive access
Scanning for public group leaks
Detecting criteria sprawl and redundancies
Identifying stale and legacy patterns
🔗 Sharing Audit

🔒 Sharing model is only half the picture — who can do what matters too.

→ Audit your permission sets at /permissions → Audit your validation rules at /validator
Sharing Model Risk Report
0 rules
/100
OWD Exposure
Public Group Leaks
Criteria Sprawl
Role Hierarchy
Stale Patterns
🌐 Over-Permissive OWD
👥 Public Group Leaks
📋 Criteria-Based Rule Sprawl
🏗 Role Hierarchy Holes
🔧 Manual Share Sprawl
🕳 Stale & Legacy Patterns

📋 Share with your team

Copy a plain-text executive summary to paste into Slack, Jira, or your next security review. Or download a formatted PDF to share with compliance stakeholders.

Ready to go deeper?

Get live sharing model analysis across your whole org

This auditor detects what's visible in exported metadata. A live org connection cross-references sharing rules against actual record counts, user role assignments, and public group membership — so you see exactly which records are exposed and to whom.

Live OWD exposure cross-referenced with record counts
Public group membership drill-down
Criteria rule conflict detection with field existence check
Weekly risk score with prioritized remediation queue

No spam. Get notified when live sharing model analysis ships. Cancel anytime.

Further Reading

→ Salesforce Admin Debt: 7 Signs Your Org Needs an Audit