No matches found
Try choosing different filters or resetting your filter selections.
Security and Identity
Protect your Salesforce organization and your users with a new, more intuitive login experience and more
secure login handling. In Lightning Experience, get to Salesforce apps, custom apps, and connected apps from one App Launcher
view. Transaction Security policies let you respond quickly to specified security situations. You can encrypt more fields, and
you can store larger OAuth tokens and password fields.
-
New Login Look and Feel
We’ve redesigned and improved the usability of the login experience to make it more intuitive for users. In addition to the main login page, the updated design appears when your users forget their password, verify their identity, give apps access to their data, and other login-related tasks. This feature is available in Lightning Experience, Salesforce Classic, and the Salesforce1 mobile app. -
Improved Security When Logged In as Another User
As a security measure, you can’t approve OAuth data access while you are logged in as another user. This change ensures that OAuth access isn’t provided without a user’s knowledge. -
Improved Security for Unwanted Login Attempts
We added measures to prevent scripts, sites, and other sources from automatically logging in users (also known as a “forced login”) without the user knowing. Users are now warned when a website, application, or other source uses a link or script to force a user to log in to Salesforce. -
Track Geographic Location of User Logins in Personal Settings and User Details
You can now track the geographic location of the IP addresses of your logins in your personal settings. You can also track the geographic location of the login IP addresses for any of your users in the user’s detail page. This feature is available in both Lightning Experience and Salesforce Classic. -
Twitter Auth. Provider No Longer Prompts User for Access on Repeated Logins
When users log in to Salesforce using Twitter, they are prompted to authorize Twitter to access Salesforce. After the first successful authorization, users are not asked to reauthorize Twitter again during subsequent logins in the same session. Previously, users had to reauthorize the Twitter app each time. This feature is available in both Lightning Experience and Salesforce Classic. -
Display and Customize Error Messages for Single Sign-On Using an Auth. Provider
If an error occurs during single sign-on using an authentication provider, the error code and description (if both are available) now display in text on the page and in the URL. Previously, the code and description displayed in the URL only. This feature is available in both Lightning Experience and Salesforce Classic. -
Time-Based Token Setting Name Changed in the User’s Personal Settings
For clarification, we’ve changed the name of the setting that lets your users register an authenticator app for their account. They use the authenticator app for identity verification or two-factor authentication. The new setting name on the user’s Advanced User Details page is App Registration: One-Time Password Generator. This feature is available in both Lightning Experience and Salesforce Classic. -
Store Larger OAuth Tokens and Longer Passwords
Enjoy increased capacity for OAuth tokens and password fields for external data sources, and for OAuth tokens for named credentials. Some external systems generate large passwords or OAuth tokens. The size limit for passwords and OAuth tokens has been increased to accommodate these systems. This feature is available in both Lightning Experience and Salesforce Classic. -
New Dynamic Size for Login Flow Page
When you publish a login flow, the login flow content area now resizes automatically to approximately 50% of the page size, based on your device’s screen size. Previously, the login flow content area was 340px wide. This feature is available in both Lightning Experience and Salesforce Classic. -
All Users Get the App Launcher in Lightning Experience
All users of Lightning Experience have access to the App Launcher to navigate to Salesforce apps, custom apps, and connected apps from one view. -
Reorder Apps Easier
Use the improved user interface to arrange the default sort order for Salesforce, custom, and connected apps in your organization. You can also hide apps from the App Launcher. This feature is available in both Lightning Experience and Salesforce Classic. -
Customize Connected App Behavior with Apex
Associate your own Apex class with a connected app to provide more authentication options and manage user attribute handling. -
Learn About Possible Security Issues Quickly with Transaction Security Policies
Transaction Security policies give you a way to look through events in your organization and specify actions to take when certain combinations occur. This feature is available in both Lightning Experience and Salesforce Classic. -
Protect More Data With Platform Encryption
Platform Encryption continues to expand the range of data you can protect. You can now encrypt Person Account fields and selected Case fields, and we’ve made it easier to work with encrypted data from mobile devices. This feature is available in Salesforce Classic only. -
Restrictions Added to My Domain Names
To reduce confusion identifying sites, and to increase security for users trying to log in to custom domains, you can’t use specific words in custom domain names. This feature is available in both Lightning Experience and Salesforce Classic. -
Customize the Headers and Bodies of Apex Callouts That Use Named Credentials
Developers can now customize how headers and bodies are constructed in Apex callouts that specify named credentials as endpoints. This flexibility enables you to use named credentials in special situations, for example, when the remote endpoint requires security tokens or encrypted credentials in request headers. This feature is available in both Lightning Experience and Salesforce Classic. -
Simplify Development of Web Service Callouts by Using Named Credentials
You can now specify named credentials as web service callout endpoints. A named credential specifies the URL of a callout endpoint and its required authentication parameters in one definition. Salesforce manages all authentication for Apex callouts that specify a named credential as the callout endpoint so that your code doesn’t have to. This feature is available in both Lightning Experience and Salesforce Classic.