You are here:
Manage Personal User Information Visibility for External Users
Protect your external users’ data by concealing personal information fields from other external users. To meet your business’s security needs, you can modify which user fields are classified as personal information and hidden from view.
Required Editions
| Available in: Salesforce Classic and Lightning Experience |
| Available in: Enterprise, Performance, Unlimited, and Developer Editions |
| Applies to: LWR, Aura, and Visualforce sites |
| User Permissions Needed | |
|---|---|
| To enable hiding of personal information: | Customize Application |
| To view hidden personal information: | View Concealed Field Data |
| To enable digital experiences: | Customize Application |
When you enable this setting, external users, such as portal and community users, who search or view user records don’t see other users’ personal information fields on Experience Cloud sites. Authenticated external users can still view and update their own personal information fields. Unauthenticated guest users can’t view or update personally identifiable information (PII) fields, including their own.
Note You can’t disable the Enhanced Personal
Information Management setting after you enable it. This setting is enabled automatically
when digital experiences are enabled.
- Personal User Information Policies and Timelines
To protect your external users’ data, Salesforce introduced security settings that let you control personal user information visibility. Use this topic as a starting point to understand all the security improvements and updates, including timelines for enforcement and how to prepare for the changes. - Personal User Information Considerations
Keep these considerations in mind as you configure personal user information settings for external users by using Enhanced Personal Information Management. - Show Nicknames Instead of Full Names in an Experience Cloud Site
Enabling nickname display in your Experience Cloud site allows more privacy and protects member identities. This protection is especially helpful in a public site where unregistered visitors can access member profiles. - Share Personal Contact Information Within Experience Cloud Sites
Users can specify which information from their profile is visible to external users, such as customers and partners, and guests viewing publicly accessible pages that don’t require login.
See Also
Configure Enhanced Personal Information Management using Field Sets
If you began using this feature in Spring ’22 or later, you use the PersonalInfo_EPIM field set to choose which fields are classified as personal information and concealed from external users.
- From Setup, in the Quick Find box, enter User Management Settings, and then select User Management Settings.
- Enable Enhanced Personal Information Management.
-
Click the field set to review which user fields are classified as personal
information and concealed from authenticated external users.
By default, these fields are considered PII in the PersonalInfo_EPIM field set.
PII Fields (Spring ’22 and After) Details About Me Alias City Included in field set only; component of Address Company Name Country Included in field set only; component of Address Department Division Email Email Sender Address Email Sender Name Email Signature Employee Number Extension Fax First Name Included in field set only; component of Name Geocode Accuracy Included in field set only; component of Address Last Name Included in field set only; component of Name Latitude Included in field set only; component of Address Longitude Included in field set only; component of Address Manager MobilePhone Name Postal Code Included in field set only; component of Address SAML Federation ID State Included in field set only; component of Address Street Included in field set only; component of Address Title User Photo badge text overlay Username You can specify which components of a user’s name or address to hide. For example, if you want to make your users’ first names visible, you can choose to hide Last Name only.
-
To customize the user fields that are concealed, add them to the PersonalInfo_EPIM
field set.
Important Don’t classify fields that don’t contain PII. System fields, formula fields, the Default Currency ISO Code field, and the Information Currency field also aren’t supported.- In Object Manager, select User.
- Click Field Sets, and then select PersonalInfo_EPIM.
- Drag the field into the PersonalInfo_EPIM field set.
- Save your work.
Configure Enhanced Personal Information Management Using Compliance Categorization
If you enabled this feature before Spring ’22, you manage personal information visibility by adding PII to fields on the user object as the Compliance Categorization value.
Important Keep name-related personal information secure by enabling the Show
Nicknames preference at the site level and using Compliance Categorization on Name fields.
Unless you enable Show Nicknames and use PII as the Compliance Categorization value for
Name fields on the user object, the First Name and Last Name fields are visible to
external users.
- From Setup, in the Quick Find box, enter User Management Settings, and then select User Management Settings.
- Enable Enhanced Personal Information Management.
-
Review which user fields are classified as personal information and concealed from
authenticated external users.
By default, these fields are considered PII because of their Compliance Categorization value.
PII Fields (Before Spring ’22) Details About Me Address Available using Compliance Categorization only Alias Company Name Department Division Email Email Sender Address Email Sender Name Email Signature Employee Number Extension Fax Manager Mobile Name Included if Show Nicknames is enabled Phone SAML Federation ID Title User Photo badge text overlay Username -
To customize the user fields that are concealed, modify their Compliance
Categorization value.
Important Don’t classify fields that don’t contain PII, such as system fields.
- In Object Manager, select User.
- Click Fields & Relationships.
- Click the name of the field whose value you want to hide or make visible.
- Click Edit.
- To hide the field from external users, select PII as the Compliance Categorization value for the field. Removing this Compliance Categorization value exposes the field, which means that external users can see this field’s value.
- Save your work.
Did this article solve your issue?
Let us know so we can improve!
