Who this is for: Admins and anyone editing a candidate or contact profile with mapped fields.
Field Sync doesn't check a user's permissions on the mapped field they aren't editing. If you can edit the candidate side of a mapping, your change goes through to the contact side too, even if your own permissions don't let you open or edit that contact field directly.
How it works
Say a custom field called Job Stage Notes exists on the Candidate entity, mapped to a Deal Stage Notes field on the Contact entity. A recruiter has edit access to the candidate field, but the contact field is restricted to Admins only.
When the recruiter updates the candidate field, the contact field updates too, automatically, even though that recruiter couldn't have opened the contact field and edited it directly.
This is expected behavior, not a permissions leak. The update happens at the system level as part of the sync, not as the user directly editing a field they don't have access to.
Things to know
Field-level permissions still control what a user can see and directly edit on each entity. They don't control whether sync fires once a value changes on the mapped side.
This works in both directions: edits on the contact side can update candidate-side fields a user doesn't have access to, just as easily as the reverse.
If you need a field's value to stay genuinely independent for restricted users, don't map it. Sync removes that separation entirely, for every user who can edit either side.
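To review existing mappings against the points above, here is an added example (not part of the product or of this article's original text): a small Python audit that lists every case where a role can edit one side of a mapping but not the other, and so can change the restricted field through sync. The data layout, the Account Manager role, and all field names other than Job Stage Notes and Deal Stage Notes are constructed assumptions; fill them in from your own mapping and permission settings.

```python
# Constructed sample data. The structure is an assumption for illustration,
# not an export format of the product.
MAPPINGS = [
    (("Candidate", "Job Stage Notes"), ("Contact", "Deal Stage Notes")),
    (("Candidate", "Source"), ("Contact", "Lead Source")),
    (("Candidate", "Salary Notes"), ("Contact", "Budget Notes")),
]

# Roles allowed to edit each field directly (field-level permissions).
EDIT_ROLES = {
    ("Candidate", "Job Stage Notes"): {"Admin", "Recruiter"},
    ("Contact", "Deal Stage Notes"): {"Admin"},
    ("Candidate", "Source"): {"Admin", "Recruiter"},
    ("Contact", "Lead Source"): {"Admin", "Recruiter"},
    ("Candidate", "Salary Notes"): {"Admin"},
    ("Contact", "Budget Notes"): {"Admin", "Account Manager"},
}


def indirect_writes(mappings, edit_roles):
    """Return (role, editable_field, restricted_field) tuples.

    A tuple means: the role can edit editable_field directly, cannot edit
    restricted_field directly, and the two are mapped, so sync carries the
    role's edits into restricted_field.
    """
    findings = []
    for side_a, side_b in mappings:
        # Sync works in both directions, so check each side as the source.
        for src, dst in ((side_a, side_b), (side_b, side_a)):
            can_edit_src = edit_roles.get(src, set())
            can_edit_dst = edit_roles.get(dst, set())
            for role in sorted(can_edit_src - can_edit_dst):
                findings.append((role, src, dst))
    return findings


if __name__ == "__main__":
    for role, src, dst in indirect_writes(MAPPINGS, EDIT_ROLES):
        print(f"{role}: edits to {src[0]}.{src[1]} "
              f"also change {dst[0]}.{dst[1]} (no direct edit access)")
```

Any mapping that appears in the output is one where the restricted field is not independent for that role; either accept that or remove the mapping.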
