Transaction Security uses resource metering to help
prevent malicious or unintentional monopolization of shared, multi-tenant platform resources.
Metering prevents transaction security policy evaluations from using too many resources and
adversely affecting your Salesforce org.
Required Editions
Available in both Salesforce Classic (not available in all orgs) and Lightning
Experience.
Available in: Enterprise, Unlimited, and Developer
Editions
Requires Salesforce Shield or Salesforce Event Monitoring add-on
subscriptions.
Salesforce meters transaction security policies for uniform resource use. If a policy request
can’t be handled within three seconds, a fail-close behavior occurs, and access is blocked.
Transaction Security implements metering by limiting policy execution. If the elapsed execution
time exceeds three seconds, the user’s request is denied.
Here’s an example of how metering works. Let’s say your org has four LoginEvent policies set up
with a notification action. A user triggers every policy. The first three execute within three
seconds, but the final policy exceeds the three-second limit. Transaction Security stops
processing the policies and fails closed, blocking the user’s login request. Because the policy
evaluations didn’t finish, a notification isn’t sent.
Bypass Metering-Related Blocking
Legitimate long-running processes, such as
bulk API calls, can cause transaction security policy requests to take more than the allotted
time. In these cases, metering initiates and blocks the user’s action.
If you encounter this
situation regularly, you can prevent metering from blocking user actions with the bypassMeteringBlock field on the EventSetting metadata type. If
all your transaction security policies specify no action, metering doesn’t block user
operations. If metering occurs, policy notifications aren’t sent. Policies with block actions
still block when triggered.
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
