Restrict Access to @AuraEnabled Apex Methods for Guest and Portal Users Based on User Profile (Security Alert)
Where: This change applies to Aura and Lightning web components in Lightning communities, portals, and Salesforce Sites.
Why: When the associated critical update is activated, a guest, portal, or community user can access an @AuraEnabled Apex method only when the user’s profile allows access to the Apex class. The critical update enforces user profile restrictions for Apex classes used by Aura and Lightning web components.
How: To view the security alert and see recommendations for your org, enter Security Alerts in the Quick Find box in Setup and select Security Alerts.