As part of our focus on continuous improvement, we will be releasing changes to enhance the security of your org. These changes could potentially impact your guest user in Salesforce public sites built on site.com, force.com, or communities. We have provided a set of tools, guidelines and resources to help you prepare for this change.
As part of the new Guest User Security Policy for Salesforce public sites, the following settings will be enabled with the Winter ‘21 release. Please note that these settings cannot be disabled once the change is enforced.
Secure guest user record access
When this setting is enabled, guest users:
Assign new records created by guest users to the default owner (Communities)
Assign new records created by Salesforce Sites guest users to a default owner in the org (Salesforce Sites)
When this setting is enabled:
Rollout Plan
The updates will be enforced in all orgs with the Winter ‘21 release WITHOUT opt-out and disable options.
To get the major release update date for your instances, navigate to Trust Status, search for your instance type, and click the Maintenance tab.
How will my organization be impacted?
These changes affect all customer organizations with Salesforce public sites built on Communities, Salesforce Sites (formerly Force.com Sites), and Site.com Sites. At the time of enforcement, you may experience impact to your existing Guest User access model in the following areas:
How do I test these changes?
If you need additional help:
If, after reviewing the resources and completing your self-assessment, you require additional help, please contact Support by logging a case via Salesforce Help. The case must include the following:
***This information is critical to help us determine the next steps to ensure your site continues to remain secure and minimize the impact of security updates on your org.
Additional Resources:
000380699

We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.