Chapter 7. Security
Working in a very complex cloud environment with a very flexible platform requires a lot of focus on security design and maintenance. Much of Salesforce’s success is based on how easy it is to share information with teammates and coworkers. The myriad ways you can configure permissions provide lots of utility for users and developers. However, there are at least three different areas you should continuously monitor to guard against oversharing and unnecessary exposure. We’re going to cover three security paradigms here, with the important observation that these three patterns interact and that “effective” permissions are the sum of the permissions the same user or role has on each system. We’ll also be discussing the internal mechanisms for handling permissions in Salesforce, and some common misconceptions that arise from not fully appreciating some of the ways permissions work.
Warning
Salesforce security concept #1: Just because you cannot see a piece of data does not mean you cannot access it. There are native web services and pages that exist by default that can show you any data that you have been granted access to. A common security hole arises when automation creates and manipulates objects and data that were never intended to be seen by the user. A common misstep is to overshare data when trying to enable anonymous (unauthenticated) access on Experience Cloud sites (Communities). Flows and other visual tools that require read access to a ...