Enforce Data Access in Flow Formulas (Critical Update)

This update enforces the running user’s data access when a flow uses a formula resource or a formula field on a record variable to access a field on a record.

Where: This change applies to Lightning Experience and Salesforce Classic in Essentials, Professional, Enterprise, Performance, Unlimited, and Developer editions.

When: This critical update begins auto-activating on August 31, 2020.

Why: With this update enabled, flow formulas respect the running user’s object permissions, field-level access, and record-level access such as sharing rules.

For example, consider an org that makes cases private unless the case owner shares the cases explicitly with other users.

Without this update, when a user who isn’t the case owner runs a flow that accesses a field on a case via a formula, the flow interview ignores record-level security and accesses the field.

With this update enabled, the running user’s record-level access is enforced, so that flow interview can’t access the field.

How: We recommend that you test this update in a sandbox before enabling it in your production org.
  1. From Setup, enter Critical Updates in the Quick Find box, then select Critical Updates.
  2. For Enforce Data Access in Flow Formulas, click Activate.
  3. Test all flow paths that use formulas to access fields on records that have object-level security, field-level security, or record-level security. For example, test flows that use formulas to access fields on records that aren’t shared with the running user of the flow.

If you experience issues, contact Salesforce Customer Support.