Run Flows That Bypass User Permissions

Allow guest users to create or edit records they don’t have direct access to by setting your flow to run in system context without sharing. Flows running with this setting ignore object-level security, field-level security, org-wide default settings, role hierarchies, sharing rules, manual sharing, teams, and territories.

Where: This change applies to Lightning Experience and Salesforce Classic in Essentials, Professional, Enterprise, Performance, Unlimited, and Developer editions.

Why: Normally, how a flow is launched determines whether the flow runs in the context of the user or the system. In a previous release, we added the ability to bypass the running user’s permissions by setting a flow to run in system context with sharing. While these flows ignore object- and field-level security, they still respect org-wide default settings, role hierarchies, sharing rules, manual sharing, teams, and territories.

Now you can set your flow to run in system context without sharing. Use this mode when you want to escalate a user’s privileges as they move through, but not outside of, a flow. For example, allow guest users to edit records that don’t belong to them, but only when they follow the steps defined in the flow.

When you run a flow in system mode without sharing, a limited set of actions and operations still run in user mode. For example, the Post to Chatter standard action continues to run in user mode.

How: When you’re saving a new flow, click Show Advanced. For How to Run the Flow, select System Context Without Sharing—Access All Data.

Under Show Advanced, System Context Without Sharing—Access All Data is selected for How to Run the Flow.

To select the same option for an existing flow version, click the Settings gear icon icon.