Send the Session ID Securely in Outbound Messages

To protect sensitive session data, the HTTPS protocol is now enforced for outbound message notifications that include the session ID. If you configure the outbound message with the Send Session ID option enabled, ensure that the endpoint URL starts with https://.

Where: This change applies to Lightning Experience and Salesforce Classic in Professional, Enterprise, Performance, Unlimited, and Developer editions.

How: To create or edit an outbound message configuration in Setup, enter Outbound Messages in the Quick Find box, and select Outbound Messages.