Apex Policies for Transaction Security Notifications
| Available in: both Salesforce Classic and Lightning Experience |
| Available in: Enterprise, Performance, Unlimited, and Developer Editions. Requires purchasing Salesforce Shield or Salesforce Shield Event Monitoring add-on subscriptions. |
If you didn’t specify a condition value before you generated the Apex interface for a policy, you can add the condition later. If you want to change an existing condition, you can edit it. Edit the Apex code to include a condition before you activate your policy; if you never include a condition, your policy is never triggered. The following examples show how to write the condition.
Your TxnSecurity.PolicyCondition implementation isn’t deleted when you delete a transaction security policy. You can reuse your Apex code in other policies.
This Apex policy example implements a policy that is triggered when someone logs in from multiple IP addresses in the past 24 hours.
Example
    global class LoginPolicyCondition implements TxnSecurity.PolicyCondition {
        public boolean evaluate(TxnSecurity.Event e) {
            // One aggregate row per distinct source IP in the user's recent login history.
            AggregateResult[] results = [SELECT SourceIp FROM LoginHistory
                                         WHERE UserId = :e.userId AND LoginTime = LAST_N_DAYS:1 GROUP BY SourceIp];
            // More than one row means the user logged in from multiple IP addresses.
            if(!results.isEmpty() && results.size() > 1) {
                return true;
            }
            return false;
        }
    }

This Apex policy example implements a policy that is triggered when a session is created from a specific IP address.
Example
    global class SessionPolicyCondition implements TxnSecurity.PolicyCondition {
        public boolean evaluate(TxnSecurity.Event e) {
            // Look up the session that raised the event to read its source IP.
            AuthSession eObj = [SELECT SourceIp FROM AuthSession WHERE Id = :e.entityId];
            if(eObj.SourceIp == '1.1.1.1' ){
                return true;
            }
            return false;
        }
    }

This DataExport policy implements a policy that is triggered when someone exports data via the Data Loader.
Example
    global class DataExportPolicyCondition implements TxnSecurity.PolicyCondition {
        public boolean evaluate(TxnSecurity.Event e) {
            // The condition matches when the event's SourceIp value equals this address.
            if(e.data.get('SourceIp') == '1.1.1.1' ){
                return true;
            }
            return false;
        }
    }

This Apex policy is triggered when someone accesses reports.
Example
    global class ReportsPolicyCondition implements TxnSecurity.PolicyCondition {
        public boolean evaluate(TxnSecurity.Event e) {
            // The condition matches when the event's SessionLevel value is STANDARD.
            if(e.data.get('SessionLevel') == 'STANDARD' ){
                return true;
            }
            return false;
        }
    }

This Apex policy is triggered when someone accesses a Connected App.
Example
    global class ConnectedAppsPolicyCondition implements TxnSecurity.PolicyCondition {
        public boolean evaluate(TxnSecurity.Event e) {
            // The condition matches a STANDARD-level session whose event entity has this ID.
            if(e.data.get('SessionLevel') == 'STANDARD' && (e.entityId == '0CiD00000004Cce')){
                return true;
            }
            return false;
        }
    }
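
The DataExport example above compares SourceIp against a single hard-coded address. As an added example (not Salesforce's code), the condition below generalizes that check to a list of trusted IPv4 ranges and triggers the policy when the address is missing, malformed, or outside every range. The class name and the CIDR values are assumptions; only the SourceIp key comes from the example on this page.

```apex
// Added example, not Salesforce's code. The class name and ranges are assumptions.
global class TrustedNetworkExportCondition implements TxnSecurity.PolicyCondition {
    // Constructed sample ranges (RFC 5737 documentation blocks); replace with your own.
    private static final List<String> TRUSTED_CIDRS =
        new List<String>{ '192.0.2.0/24', '198.51.100.16/28' };

    public boolean evaluate(TxnSecurity.Event e) {
        // 'SourceIp' is the key used by the DataExport example; a missing key yields null.
        String sourceIp = (e.data == null) ? null : e.data.get('SourceIp');
        Long ip = toNumber(sourceIp);
        if (ip == null) {
            return true; // blank, malformed or non-IPv4 value: trigger rather than stay silent
        }
        for (String cidr : TRUSTED_CIDRS) {
            if (inRange(ip, cidr)) {
                return false; // export from a trusted network: policy not triggered
            }
        }
        return true; // export from outside every trusted range
    }

    // Converts dotted-quad IPv4 text to a number; returns null if the text is not valid IPv4.
    private static Long toNumber(String text) {
        if (String.isBlank(text)) { return null; }
        String trimmed = text.trim();
        if (!Pattern.matches('([0-9]{1,3}\\.){3}[0-9]{1,3}', trimmed)) { return null; }
        Long value = 0;
        for (String octet : trimmed.split('\\.')) {
            Integer n = Integer.valueOf(octet);
            if (n > 255) { return null; }
            value = value * 256 + n;
        }
        return value;
    }

    // True when ip lies inside the CIDR block written as base-address/prefix-length.
    private static Boolean inRange(Long ip, String cidr) {
        List<String> parts = cidr.split('/');
        Long base = toNumber(parts[0]);
        // Number of addresses in the block, for example 16 for a /28.
        Long blockSize = 1L << (32 - Integer.valueOf(parts[1]));
        // Two addresses share a block when integer division by its size gives the same result.
        return base != null && (ip / blockSize) == (base / blockSize);
    }
}
```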