In step 2, we defined the specific attribute as being field-security-enabled. In step 4 to step 8, we defined a security profile; we defined what access the profiles enable in step 6, and we added Users/Teams that are part of this security profile.
In this particular example, we enabled a Read privilege; however, we can also define Create and Update privileges.
Behind the scenes, the user is granted access to that specific field and will be able to read the value behind it.
Field-level security applies to all layers, including the SDK, the web API, and reports.
Field-level security cannot be applied to attributes that are part of an alternate key combination.
Note that if a user does not have read access to a field, the user will still be able to see the field itself in the web interface but the value will be replaced by dots.