🚨🚨 WARNING : This area is protected by a very nasty guard dog. Three days a week. YOU CHOOSE WHICH DAYS!

This is article is one of a many volumes for the Spring ’23 Release Notes — The Funny-ish Summary. If you want to jump to a specific Topic please use the links at the bottom of this page.

Security, Identity, and Privacy

Domains

• Enhanced Domains will be deployed in all orgs. You can choose to postpone this automatic deployment until SUMMER ’23 or disable enhanced domains until they’re enforced in WINTER ’24. The choice is yours, choose wisely.
• Someone made changes to My Domain settings, catch the culprit red handed using the Setup Audit Trail 🕵️.

Identity and Access Management

• What time is it? MFA Auto-Enablement time! Salesforce is automatically enabling MFA for production orgs in several phases. Find out more here.
• Enhance the security of certificate-based logins to Salesforce by checking the revocation status of user certificates.

• to do Monitor Connected App Logins
• SAML framework upgrade is enforced in this release. I warned you ! Now I’m coming for you🏃🏃.
• With new Headless Identity APIs for Login and Forgot Password, you can control the user experience in a third-party app while relying on Salesforce for authentication. Your identity is personal. Keep it that way!

Health Check

• ☘️ Stay healthy and identify whether you have a̶ ̶d̶i̶s̶e̶a̶s̶e̶ 🤒😷 any at-risk security settings for external URL redirection with a new Health Check setting.

Privacy Center

• Group hugs all ‘round 🫂, Preference Manager that we already know and love has a new template type: ‘Communication Subscriptions’.
• Customize Channel Type selections on Preference Forms. Checkbox, Opt in Radio Button, Radio Button or Toggle! your call.

Salesforce Shield

• When it comes to generating and receiving event log files, to opt in or to opt out ? That is the question. (Previously, all instances received event log files automatically.)
• Emergency alert 🚨: A user is downloading a file containing sensitive information. Investigate immediately. This is not a drill. I repeat this not a drill.
  ➡️ File Event supports transaction security policies and you can now track it with real-time notifications (BETA).

• Okay .. hear me out — When you append new data to Event Monitoring Analytics app datasets (BETA), data now uploads more efficiently.

Security Center

• 🎤 Is this thing on ? Use CRM Analytics to build out dashboards and to report on Security Center data.
• Analyze charts within the Configuration metric category with new and improved data labels. Go over there 🫵 and test it out.

Other Security Changes

• Me: What’s that smell?
  Content Sniffing Protection: *Sniff sniff* It smells like bad scripts disguised as other file types.
  ➡️ Content Sniffing Protection is enforced in this release.
• Yep, it’s official: you can use OAuth JWT Bearer Flow with Named Credentials.
• “Educate yourself about clickjacking and review your clickjack settings.” Take my advice, you’ll need it

More Volumes?

• Volume I: Salesforce Overall, Enablement and Guidance, Reports and Dashboards
• Volume II: CRM Analytics
• Volume III: Security, Identity, and Privacy
• Volume IV: Customization
• Volume V: Salesforce Flow
• Volume VI: Development
• Volume VII: Sales
• Volume VIII: Service
• Volume IX: Experience Cloud
• Volume X: Salesforce CMS & Mobile
• Volume XI: Commerce
• Volume XII: Industries

Authors

• Hamza Ait Ben Said
• Imane Laklaai
• Manal Outaleb
• Mustapha El Hassak
• Oumaima ARBANI
• Zakaria SEMRI