Loading
Feature Disruption - Service Cloud VoiceRead More
Feature degradation | Gmail Email delivery failureRead More
Mobile Publisher for Experience Cloud
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Set Up Enhanced Mobile App Security for Mobile Publisher

            You are here:

            1. Salesforce Help
            2. Docs
            3. Mobile Publisher for Experience Cloud App

            Set Up Enhanced Mobile App Security for Mobile Publisher

            Enable Enhanced Mobile App Security in Setup for Mobile Publisher, configure security policies in Mobile Security, and assign the Enhanced Mobile App Security configuration to app users.

            Required Editions

            User Permissions Needed
            To create and modify a Mobile Publisher project: Manage mySalesforce Apps
            To create and modify Enhanced Mobile App Security settings:

            Manage Enhanced Mobile App Security

            AND

            Modify Metadata
            Important
            Important Almost all Mobile Publisher apps were moved to the External Client App framework in the Summer '25 release. If your app is one of a few still using Connected Apps, refer to the help documentation for any customizations you need to make.

            Before you enable Enhanced Mobile App Security for an Android app, download an app signing key certificate from the Google Play Console. You upload this certificate in a later step. To get the app signing key certificate from the Google Play Console, click on your Mobile Publisher app to view its settings. In the Release section of the navigation pane, expand Setup and click App signing. On the App signing page, in the App signing key certificate section, click Download certificate. Confirm that the certificate file is in the .der file format.

            1. Enable Enhanced Mobile App Security in Setup for Mobile Publisher.
              Note
              Note When you enable Enhanced Mobile App Security, you also enable code obfuscation for an Android app and string obfuscation for an iOS app. Code or string obfuscation protects your app from reverse engineering. You don’t need to activate a separate policy in Mobile Security to enable code or string obfuscation.
              1. From Setup, in the Quick Find box, enter Mobile Publisher, and then select Mobile Publisher.
              2. Open your app’s project, and then scroll to the Security section.
              3. Select Enhanced Mobile App Security.
              4. For Android apps, upload the app signing key certificate in the .der file format that you downloaded from the Google Play Console.
              5. In the Security Alert Settings section, optionally enter the colors and upload the font files for your app's security alerts.
                Note
                Note The security alert text isn't customizable.
              6. If your app is available on Android and iOS, enable Enhanced Mobile App Security and configure the optional Security Alert Settings in both the Android project and iOS project.
              Note
              Note Your changes are autosaved in your Mobile Publisher project. Proceed to the next steps without submitting your changes.
            2. Configure security policies in Mobile Security.
              1. From Setup, in the Quick Find box, enter Mobile Security, and then select Mobile Security.
              2. Find your app, and then click Edit Security Policies.
                Tip
                Tip The name of the app is the name that you specified in the corresponding Mobile Publisher project.
              3. Activate the security policies relevant to your app, and set each policy’s level. You can optionally set the effective date and time for each policy. Some policies have additional configuration fields. See Enhanced Mobile App Security Policies for Mobile Publisher.
              4. Save your changes.
              5. If your app is available on Android and iOS, configure the security policies on the Android external client app and iOS external client app. To test the security policies in the Playground app, configure the same security policies on the corresponding Playground Android and iOS external client apps.
            3. Assign the Enhanced Mobile App Security configuration to app users through a profile or a permission set.
              1. To assign Enhanced Mobile App Security through a profile, from Setup, in the Quick Find box, enter Profiles, and then select Profiles. Find the profile that’s associated with your Mobile Publisher for Experience Cloud app users. Edit the profile, and under the Administrative Permissions section, enable Enforce Enhanced Mobile App Security and API Enabled. Save your changes.
                Tip
                Tip The Enforce Enhanced Mobile App Security checkbox is visible on a profile’s settings only when the Enhanced Profile User Interface is enabled. If you’re not using the Enhanced Profile User Interface, you can find the Enforce Enhanced Mobile App Security checkbox in System Permissions.
              2. To assign Enhanced Mobile App Security through a permission set, create a permission set with Mobile Security as the label and Mobile_Security as the API name. Select Salesforce for the license, and click Save. Click System Permissions, click Edit, and enable Enforce Enhanced Mobile App Security and API Enabled. Save your changes. Then assign the Mobile Security permission set to your users.
            4. Return to your app’s project in Setup for Mobile Publisher, and then click Submit. Your Enhanced Mobile App Security configuration takes effect starting with the latest build of your app.
              Note
              Note Enhanced Mobile App Security can’t be implemented on previous app builds.

            After you initially configure Enhanced Mobile App Security and submit your changes in Setup for Mobile Publisher, you can update your app’s security policies in Mobile Security. Any policy changes in Mobile Security take effect after a user opens your app with a cold launch after quitting the app. If you’ve already requested a new app build from Mobile Publisher after enabling Enhanced Mobile App Security, you don’t need to request a new app build to implement security policy changes in Mobile Security settings.

            Note
            Note If you configured new colors or fonts under Security Alert Settings in Setup for Mobile Publisher, make sure to review and test the new security alert style in the beta version of your app.
             
            Loading
            Salesforce Help | Article