Where: This change applies to Lightning Experience and Salesforce Classic in Enterprise, Performance, Unlimited, and Developer editions.
When: Change Data Capture is generally available as of January 15, 2019.
How: For example, you have a human resource (HR) system with copies of employee custom object records from Salesforce. You can synchronize the employee records in the HR system by receiving change events from Salesforce. After receiving the events, you can process the corresponding insert, update, delete, or undelete operations in the HR system. Because the changes are received in near real time, the data in your HR system stays up to date.
Change events are based on platform events and share some of their characteristics. For example, you can replay a stream of past events that are stored for up to three days. Also, change events share the usage-based entitlements for CometD event delivery with high-volume platform events.
Change events are available for all custom objects defined in your Salesforce org and a subset of standard objects. Select the objects that you want to get notifications for from the new Change Data Capture page in Setup. The following standard objects support change events.
- Account (including Person Account)
- User (including partner users)
For this release, we made these enhancements.
- Select Objects for Change Notifications
- To receive notifications for record changes, select the custom objects and supported standard objects that you are interested in. From Setup, enter Change Data Capture in the Quick Find box, and click Change Data Capture.
- Shield Platform Encryption Support
- Change Data Capture is supported when Shield Platform Encryption is enabled. If Salesforce record fields are encrypted with Shield Platform Encryption, changes in encrypted field values generate change events. Data in change event messages is delivered over a secure transport layer (HTTPS and TLS).
- Change events are stored in a separate data store in Salesforce for up to three days. Before being stored, they’re encrypted and require you to create an Event Bus tenant secret. To enable encryption and delivery of change events, first create an Event Bus tenant secret in the Key Management page in Setup. Then, in the Encryption Policy page, select Encrypt and deliver Change Data Capture events.
- Granular User Permissions
- Previously, only the View All Data permission was enforced to subscribe to change events. In this release, the required permission depends on the channel subscribed to. If you subscribe to a specific object channel, you only need the View All permission for that object to receive change events. The View All Users permission is enforced to receive User record changes.
- SHA-256 Hash Used in Data Differences
- The SHA-256 hash is included in updated large text fields for which the data differences are sent. Previously, an MD5 hash was computed, but it is less robust than the SHA-256 cryptographic hash. The hash value enables you to check that the reconstructed value from the unified diff matches the original value.
- New Format for the changeOrigin Header Field Value
- The changeOrigin field value now includes the name and version of the Salesforce API used for the call, in addition to the client ID (if available). The format of the changeOrigin field is:
- The changeOrigin field is empty if the originator of the request is not the API (the Salesforce UI).