Salesforce Winter ’24 Release Notes — The Funny Summary — Volume V

This article is one of many other volumes for the Winter ’24 Release Notes — The Funny-ish Summary. If you want to jump to a specific Topic please use the links at the bottom of this page.

Security guards💂: the only people who can make a high-visibility vest look like camouflage

Security, Identity, and Privacy

Salesforce Backup

• 🚨Renaming alert🚨 The Backup and Restore managed package is now renamed Salesforce Backup.
• When some sneaky schema changes are forming an alliance with Mojo Jojo and messes with your data restoration mojo, don’t panic! The Salesforce Backup app has your back; it gives you the ability to download your backup and import the data using another tool 🥹

Domains

• Have you changed your “My domain”? When users are about to cruise to new URLs, you can pop on a message to help the users update their bookmarks, and let them know that we moved!

• Managing My Domain login policy can now be done in the Routing and Policies section of the My Domain Setup page 🤓
• Aaaaaand the party gets going ladies and gentlemen 🪩! My Domain is like a party planner, setting up themed spaces, aka partitioned domains for new sandboxes, orgs, and Trailhead Playgrounds. Even Hyperforce orgs upped their game, because the patch partition is now available 🥹

• Here’s a COOL one! Say you have your own custom domain, did you know that you can now serve your Experience Cloud sites or Salesforce Sites on your domain? And Salesforce helps you set it up by performing verification checks. F.A.N.T.A.S.T.I.C.O

Identity and Access Management

• Let’s start with the sad news: One-time passcodes sent via text messages (SMS) are no longer available as an identity verification method in free Salesforce orgs 😞
• You want it to be sent, please verify you email address first! When a user attempts to send an email from an unverified address, Salesforce gives it the cold shoulder, refusing to send it. Unverified email addresses are a no-go for sending until users either verify the address or hit the reset button on their password. I almost forgot to tell you that this only affects production orgs that don’t include single sign-on (SSO) and starting SPRING ’24 it will affect also those ones.
• Did you know that the external client apps are the cool cousins of the connected apps? You can now develop and package external client apps to integrate third-party applications.
• The Identity Connect 3.0.1.2 Security Patch is no longer available as of WINTER ’24, because Identity Connect 3.0.1.2 isn’t supported. 🎶🎶🎤 Oh Bella Ciao, Bella Ciao, Bella Ciao Ciao Ciao 🎤🎶🎶
• Who wants to enter their password everytime they want to log in? Yes NO ONE!!! Users can now log in to your off-platform apps with the Headless Passwordless Login Flow 🥹 All they have to do now is enter the OTP they receive via email or phone number.
• New headless flow is in town! ✨The guest user flow✨ This flow helps you collect data on guest users from the first time they enter your site until they register. Check here for me.
• Salesforce now does support reCAPTCHA Enterprise for securing the Headless Identity. Previously only reCAPTCHA v2 and v3 were supported.
• JWT-based access tokens are now GA, and they are also supported for access to Salesforce REST APIs.

Named Credentials

Okaaaaay let’s go

• Named credentials can now be configured to use OAuth 2.0 client credentials flow for server-to-server integration 💃💃💃💃
• Speaking of server-to-server integrations. External credentials can now be configured to use JWT authentication protocol for server-to-server integration.
• Say hi to our brand new permission! ✨Manage Named Credentials administrative permission✨ Previously if you want users to create, edit, or delete named credentials and external credentials, you assigned the Customize Applications permission.
• Now unauthenticated guest users can be authorised to perform authenticated callouts with named credentials.
• You can now make callouts to endpoints without any authentication configuration using named credentials 🤓

Security Health Check

• Customers with Experience Cloud sites can now see how many objects Guest Users have been granted access to.

Privacy Centre

• New landing page, new app, new life! You can now see every feature in your Privacy Center setup from the app homepage.
• Security and privacy are our responsibility️👮🏻‍♀️ You can now encrypt the Name field on authorization form objects with Shield Platform Encryption.
• For legal or business purposes companies are often obligated to preserve any potentially relevant information and prevent it from getting deleted or anonymised. You can now do so by using the Privacy Hold field on the Individual, Account, Contact, Lead, and User objects to preserve records from being masked or deleted by Privacy Policies.

Salesforce Shield

• Use the new Group Membership event type in the EventLogFile object to monitor when members are added to or removed from public groups or queues.
• You ask, and Salesforce delivers! With the new Insufficient Access event type in the EventLogFile object, you can now have more information about why a user does not have access to perform certain operations.
• The Event Monitoring Analytics app now appends new data exclusively to your datasets using incremental updates. GA
• Shield Platform Encryption now supports encryption at-rest for the Name field on a range of authorization form objects.
• You can now encrypt the Screen Flow Inputs field on the Flow Orchestration Work Item object. This field supports probabilistic, case-sensitive deterministic encryption, and case-insensitive deterministic schemes 😉

Security Centre

• Let’s be honest! Multiple tenants in Security Centre with
  similar names can lead to confusion. That is why Security Center users can now edit the Tenant Name field.
• Security Centre can now capture the instance name your tenants are running on 📸, and also the license usage details.
• Delve into user limitations by keeping an eye on login IP ranges. This includes tracking their creation and any updates, giving you the full scoop.

More Volumes?

• Volume I: General Enhancement, Scheduler, Enablement and Hyperforce.
• Volume II: Lightning Reports & Dashboards and CRM Analytics.
• Volume III: Salesforce Flow.
• Volume IV: Permissions, App Builder, Sharing and External Services.
• Volume V: Security Identity & Privacy.
• Volume VI: Development.
• Volume VII: Experience Cloud.
• Volume VIII: Mobile and Salesforce CMS.
• Volume IX: Commerce.
• Volume X: Revenue.
• Volume XI: Industries.

Authors

• Hamza Ait Ben Said
• Imane Laklaai
• Manal Outaleb
• Mustapha El Hassak
• Oumaima ARBANI
• Zakaria SEMRI