Require Customize Application Permission for Direct Read Access to Custom Settings (Critical Update, Enforced)

Previously, users without the Customize Application permission could read unprotected custom settings through different APIs that are provided by Salesforce. Following the “secure by default” approach, this critical update revokes that access.

Where: This change applies to Lightning Experience and Salesforce Classic in Contact Manager, Essentials, Professional, Enterprise, Performance, Unlimited, and Developer editions.

When: This critical update is scheduled to be enforced on sandbox instances on January 2, 2020 in the Spring ’20 release. It will not be rolled out to all instances on January 2, 2020. Sandbox instances are upgraded 4–6 weeks before a release goes into production. To find the exact activation date for your instance, refer to https://status.salesforce.com.

How: When this critical update is enforced on the instance, users without the Customize Application permission can no longer access custom settings. To minimize the impact on your users, admins with the Customize Application permission can grant read access to specific custom settings, or to all custom settings.

To grant a specific profile or permission set read access to custom settings:
  1. Go to the profile or permission set that you want to grant access to.
  2. Click the Custom Setting Definitions permission.
  3. Click Edit, add the custom setting to the Enabled Custom Setting Definitions list, then click Save.
To grant profiles or permission sets read access to all custom settings:
  1. Search for Profiles or Permission Sets from Setup, then click the name of the profile or permission set and click Edit.
  2. In the Administrative Permissions section, check View All Custom Settings.
  3. Click Save.
With the Restrict access to custom settings permission enabled, permissions are enforced as follows:
  • Customize Application permission—Read and write access to all custom settings.
  • Custom Setting Definitions—Read access to specific custom settings outside of System context. Users must be granted access through profiles and permission sets.
  • View All Custom Settings permission—Read access to all custom settings outside of System context.
  • View Setup and Configuration permission—Read access to custom settings in Setup. Users must be granted access to specific custom settings through profiles and permission sets, or be granted the View All Custom Settings permission.

Apex generally runs in system mode, so the current user's permissions and field-level security aren’t considered during code execution. The critical update doesn’t affect the accessibility of custom settings from system mode. Calling an Apex method such as isAccessible indicates whether the running user has access outside of system mode. After activating this critical update, if the user isn’t granted access to an object, calling isAccessible returns false. For example, if a user isn’t granted access through a profile to Contact, isAccessible returns false.
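
The following Apex class is an added example, not part of the Salesforce release note: it checks isAccessible before returning a custom setting value to a caller, because the system-mode read itself isn't restricted by this critical update. The custom setting Feature_Flags__c, its checkbox field Enable_Export__c, and the class and exception names are hypothetical.

```apex
public with sharing class FeatureFlagReader {

    // Raised when the running user has no read access to the custom setting.
    public class SettingAccessException extends Exception {}

    // Feature_Flags__c is a hypothetical hierarchy custom setting with a
    // hypothetical checkbox field Enable_Export__c.
    @AuraEnabled(cacheable=true)
    public static Boolean isExportEnabled() {
        // Apex runs in system mode, so getInstance() below succeeds no matter
        // what the caller has been granted. isAccessible() reports whether the
        // running user has access outside of system mode, that is, through
        // Customize Application, View All Custom Settings, or a Custom Setting
        // Definitions entry on a profile or permission set.
        if (!Schema.SObjectType.Feature_Flags__c.isAccessible()) {
            throw new SettingAccessException(
                'Running user has no read access to Feature_Flags__c');
        }

        // Hierarchy lookup for the running user (user, then profile, then org).
        Feature_Flags__c flags = Feature_Flags__c.getInstance();

        // Treat a missing record or an unset checkbox as "disabled".
        return flags != null && flags.Enable_Export__c == true;
    }
}
```

With the critical update enforced, a user who has not been granted access to Feature_Flags__c gets the exception instead of the value.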

While not recommended, you can disable this critical update by turning off the Schema Settings: “Restrict access to custom settings” permission. This Schema Settings permission corresponds to the security org-wide critical update.
  1. Go to Setup and search for Schema Settings.
  2. Turn off Restrict access to custom settings.