Loading

Guest User Security, Rollout Plan, Extension and Additional Support

Udgivelsesdato: Oct 13, 2022
Beskrivelse

As part of our focus on continuous improvement, we will be releasing changes to enhance the security of your org. These changes could potentially impact your guest user in Salesforce public sites built on site.com, force.com, or communities.  We have provided a set of tools, guidelines and resources to help you prepare for this change.

Løsning

As part of the new Guest User Security Policy for Salesforce public sites, the following settings will be enabled with the Winter ‘21 release. Please note that these settings cannot be disabled once the change is enforced.

Secure guest user record access
When this setting is enabled, guest users:

  • Have org-wide defaults set to Private for all objects, including objects not listed on the Sharing Settings page. This access level can’t be changed.
  • Can’t be added to queues or public groups.
  • Can’t be given access to records through manual sharing or Apex managed sharing.
  • Can be granted Read Only access to records only through guest user sharing rules.
Assign new records created by guest users to the default owner (Communities)
Assign new records created by Salesforce Sites guest users to a default owner in the org (Salesforce Sites)
When this setting is enabled:
  • A record created by a guest user is assigned to a default active user in the org, who becomes the record owner.
Rollout Plan
The updates will be enforced in all orgs with the Winter ‘21 release WITHOUT opt-out and disable options. 
 
To get the major release update date for your instances, navigate to Trust Status, search for your instance type, and click the Maintenance tab.

How will my organization be impacted?
These changes affect all customer organizations with Salesforce public sites built on Communities, Salesforce Sites (formerly Force.com Sites), and Site.com Sites. At the time of enforcement, you may experience impact to your existing Guest User access model in the following areas:
  • Data visibility, as Guest Users may lose access to data
  • Guest flows, as some Guest User creation flows may be broken
How do I test these changes?
  • Complete your site self-assessment using:
    • Guest User Access Report:  Appexchange package to help guide your testing and quickly assess the impact to your org. The report provides an overview of objects and permissions guest users can access from your public communities.
    • This document outlines instructions on how to use the package
    • Sample Testing Plan with common use cases.
If you need additional help:
 
If, after reviewing the resources and completing your self-assessment, you require additional help, please contact Support by logging a case via Salesforce Help.  The case must include the following:
  • Specify the org where issue is happening:
    • Production Org ID
  • Is the issue related to:
    • Force.com Sites
    • Site.com Sites
    • Community Cloud (Unauthenticated)
  • URL: Provide the URL for your impacted site
  • Issue Description: Detailed description of impacts on your org and the specific steps you took to attempt to fix the impacted areas.  
  • Self-Assessment: Provide the output, via attachment, of your org’s self-assessment using the Guest User Access Report including specifics on why areas in red cannot be made green/yellow. 
 
***This information is critical to help us determine the next steps to ensure your site continues to remain secure and minimize the impact of security updates on your org. 

Additional Resources:
  • Dedicated trailblazer chatter group for questions and key information 
  • More information can be found in this Help Topic  
  • Guest User Security Office Hours. Registration is limited, so we encourage you to sign up
  • Visit the Guest User Security Policy page for additional resources.
Vidensartikelnummer

000380699

 
Indlæser
Salesforce Help | Article