This article is one of many other volumes for the Summer ’23 Release Notes — The Funny-ish Summary. If you want to jump to a specific Topic please use the links at the bottom of this page.

Security, Identity, and Privacy

Domains

• You better enable and deploy those enhanced domains, or you’ll be left in the URL dust! by WINTER ’24.

Yesterday, you said SPRING ’23, so JUST DO IT!!! Test those changes in a sandbox and follow the activation steps under Setup’s Release Updates and JUST DO IT!!!

Privacy Center

• Who needs a website ? when you can host you Preference Forms without one.
• Don’t let those sneaky privacy laws like GDPR catch you off guard. You can stay compliant by maintaining a record of your users’ consent changes in Field Audit Trail. ( list of available objects can be found here).

Salesforce Shield

• Say hello to FileEvent & FileEventStore, your new best friends to track file preview, upload & download from the UI & the API GA.
• Where are my Event log files? Starting from SUMMER ’23, Event log files are now generated and delivered only to orgs that opted in to receive them.

If you no longer go for a gap that exists, you’re no longer a ̶r̶a̶c̶i̶n̶g̶ ̶d̶r̶i̶v̶e̶r̶ worthy of being a Salesforce admin — some guy on the internet

• Hence, you can now further improve your lightning page performance with the newly added fields to better provide a consistent user experience.
• Gotta catch em all! You can track host name redirections that may have been caused by a url change enabling enhanced domains, Keep in mind that redirections will STOP in WINTER ‘25.
• You’ll have the power to catch those sneaky insecure Login flows that may expose user credentials, just use the LoginEvent and LoginEventStream events to track OAuth user-agent and username-password flows.

Identity and Access Management

• 🚨 We’ve got a brand-new way to enable MFA for SSO Logins🚨, you can now enable it directly from the SSO configuration page to use either a third party or Salesforce MFA service instead of applying high-assurance session security setting on the user profile.
• Why did the password go to therapy? Because it had too many issues and couldn’t remember its own identity! Therefore, OAuth 2.0 Username-Password Flow is now blocked by Default in New Orgs (Created in SUMMER ‘23).
• Seamless login experience can be challenging but not for Salesforce. Thanks to the newly supported parameter sso-provider your users will be automatically redirected to the SSO provider without ever landing the Salesforce login page.
• A good magician is not just someone who performs tricks 🪄 but the one that can make the standard self-registration components disappear on Aura and Lightning Web Runtime (LWR) sites which we can all do now.
• I feel more connected ! You can now enable connected apps to issue JSON Web Token (JWT)-based access tokens instead of opaque OAuth access tokens. BETA.
• They say data is the new oil, what if I wanted to mine it ? Salesforce to the rescue! you can now authorize your users to access to your precious data reserves in data cloud using the new OAuth scope cdp_api.
• ⚠️️️ Attention ⚠️ ️️Our investigations concluded that some users haven’t verified their emails. You will find the culprits under their user details and we have provided a way to reinitiate the verification — Email Verification Patrol.

• WINTER ’24 is on the horizon, and it’s time to bid farewell to those outdated U2F security keys. so if you haven’t used your key yet, do it. Otherwise keys not respecting WebAuthn standard will no longer be accepted after WINTER ‘24.

Other Changes

• In SUMMER ’23, Content sniffing is now enforced
• The long awaited change Named credentials is here, You can now map External Credential Principals to Permission Sets and Profiles.
• With great power comes great responsibility! We now have more control over OAuth scopes by controlling which user uses them.
• Ladies and gentlemen, brace yourselves for the unveiling of the new ConnectAPI capability CREATING AND MANAGING EXTERNAL CREDENTIALS.
• New sheriff in town, Hide this site’s URL is now renamed to Include Referrer-Policy HTTP header.

More Volumes?

• Volume I: Salesforce Overall
• Volume II: CRM Analytics
• Volume III: Commerce
• Volume IV: Customisation
• Volume V: Development
• Volume VI: Experience Cloud
• Volume VII: Industries
• Volume VIII: Mobile
• Volume IX: Sales
• Volume X: Salesforce flow
• Volume XI: Security, Identity, and Privacy

Authors

• Hamza Ait Ben Said
• Imane Laklaai
• Manal Outaleb
• Mohammed-Mahmoud Rhazzoul
• Mustapha El Hassak
• Oumaima ARBANI