Problem
Users receive ‘Insufficient permissions: secure query included inaccessible field’ errors when attempting to bulk move services or add packages to itineraries. This blocks users from completing these operations.
What We Found
The errors occur because Kaptio queries use WITH SECURITY_ENFORCED, which requires users to have Field Level Security (FLS) access to all fields in the query. The affected users’ permission sets were missing read access to specific fields that these operations query.
Solution
- Identify the Permission Set or Permission Set Group assigned to the affected users
- Add read access to the field KaptioTravel__PaymentScheduleAssignment__c on the KaptioTravel__TimePeriod__c object
- Add read access to the field KaptioTravel__DepartureCabin__c on the KaptioTravel__PassengerItineraryUnitAssignment__c object
- Add object-level access to KaptioTravel__ServiceCabin__c and all its fields
- Save the permission set changes and have the user log out and back in to apply the new permissions
Notes
- This issue commonly occurs after package upgrades or sandbox refreshes when new fields are added to managed package queries
- The WITH SECURITY_ENFORCED clause in SOQL queries enforces FLS - if a user cannot see a field, the entire query fails
- Check user permissions proactively after major Kaptio upgrades to prevent similar issues
Warnings
⚠️ Do not modify the Kaptio managed permission sets directly - create custom permission sets that extend the base Kaptio permissions
Source: KHELP-12366