Ensure Guest User Access to Emails Created with Visualforce Email Templates

Protect access to your company’s data when you send emails that use Visualforce Classic email templates to guest users. Review and update these templates so that they can still be used.

Where: This change applies to Salesforce orgs with active public communities, sites, and portals in Enterprise, Performance, Unlimited, and Developer editions.

When: This security policy was released in Spring ’20 and was immediately enforced.

Who: This change applies to Visualforce email templates that target guest users in communities.

Why: Emails that use Visualforce email templates send information based on a user’s access to Salesforce data. But because data access for guest users is limited in Salesforce, the template doesn’t work.



Assess the impact of the guest security policy and, if necessary, update Visualforce email templates sent to guest users.

How: Add an attribute to the emailTemplate tag in your Visualforce email template.
  1. Ensure that you have the Author Apex user permission.


    Any user who creates or updates Visualforce email templates must have this permission.

  2. Open a Visualforce email template and add this attribute to the emailTemplate tag:
  3. Save the template.