Back Up Your Tenant Secrets
Your Shield Platform Encryption tenant secret is unique to your org and to the specific data to which it applies. Salesforce recommends that you export your tenant secret to ensure continued access to the related data.
Required Editions
| Available in both Salesforce Classic (not available in all orgs) and Lightning Experience. |
| Available in: Enterprise, Performance, and Unlimited Editions with the Salesforce Shield or Shield Platform Encryption licenses. |
| Available for free in Developer Edition. |
| User Permissions Needed | |
|---|---|
| To generate, destroy, export, import, upload, and configure tenant secrets and customer-supplied key material: | Manage Encryption Keys |
Note Database Encryption does not support destroying, exporting, or
importing keys. To learn more, see the Shield Platform Encryption Architucture
Guide.
- From Setup, in the Quick Find box, enter Platform Encryption, and then select Key Management.
- In the table that lists your keys, find the tenant secret that you want to back up. Click Export.
-
Confirm your choice in the warning box, and then save your exported
file.
The file name is tenant-secret-org-<organization ID>-ver-<tenant secret version numer>.txt. For example, tenant-secret-org-00DD00000007eTR-ver-1.txt.
-
Note the specific version that you’re exporting, and give the exported
file a meaningful name. Store the file in a safe location so that you
can import it back into your org if needed.
Note Your exported tenant secret is itself encrypted.
Remember that exported key material is a copy of the key material in your org. To import an exported tenant secret, first destroy the original in your org. See Destroy a Tenant Secret.
Note This page is about Shield Platform Encryption,
not Classic Encryption. What's the difference?
See Also
Did this article solve your issue?
Let us know so we can improve!
