Timeline for Guest User Object Permission Changes
Guest User Object Permission Changes are slated to be turned off for custom objects and certain standard objects with the rollout of the Winter '21 release. You can activate the "Opt Out of Enforcing Guest User Object Permission Changes" critical update to keep these permissions unchanged until Spring '21. After your org updates with the Winter '21 release, this update can no longer be activated, and these permissions are permanently removed in the Spring '21 release.
Impacts on Apex:outputField and Lightning Components
Apex:outputField: The apex:outputField component with inline edit is not supported if Edit permission on the object is not enabled for the Guest User profile. Since the inline edit feature makes the field editable, Guest Users require Edit permission for the component to work properly. When Edit permission is removed, the apex:outputField renders in read-only mode only.
Example: When a user double-clicks on a field rendered by apex:outputField with apex:inlineEditSupport, the field becomes editable if the user has Edit permission. Without Edit permission, the field remains in read-only mode regardless of double-clicking.
Lightning components that require Edit permission:
The following Lightning components require object Edit permission and Read/Write record access to render in edit mode. When Edit permission is removed for Guest Users:
Workarounds
Activate the "Opt Out of Enforcing Guest User Object Permission Changes" critical update to retain Edit and other permissions until the Spring '21 release.
For longer-term solutions, record modification needs for Guest Users should be addressed by executing updates in Apex methods that run in "without sharing" mode, combined with encryption and decryption of resources. Alternative UI components such as lightning:input and force:inputField can be used instead of the components that require Edit permission.
Running Flows in System Context
As an alternative, run Flows in system context. This mode allows the standard Flow actions "Get Records" and "Update Records" to work for Guest Users without requiring Apex actions or Edit permissions.
000393226

We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.