| ActionConfig |
- Type
- textarea
- Properties
- Create, Update
- Description
- Describes the action to take when the matching Transaction Security policy is
triggered. Also indicates the type of notifications selected and the ID of
the intended recipient. The recipient must be active and assigned
the Modify All Data and View Setup user permissions. Multiple
actions can be taken. The actions available depend on the
Event Type field.
|
| ApexPolicyId |
- Type
- reference
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
- Represents the Apex TxnSecurity.PolicyCondition or TxnSecurity.EventCondition
interface for this policy.
|
| BlockMessage |
- Type
- string
- Properties
- Create,Filter, Nillable, Sort, Update
- Description
- The custom message a user receives when their action is blocked by
a policy. Used in Real-Time Event Monitoring only. Maximum of 1000
characters. This field appears as null when the default message
option is selected and is available only when
EventName is set to ApiEvent, ListViewEvent, or ReportEvent. Available in API
version 49.0 and later.
|
| Description |
- Type
- string
- Properties
- Create, Filter, Nillable, Sort, Update
- Description
- The description entered for this policy.
|
| DeveloperName |
- Type
- string
- Properties
- Create, Filter, Group,
Sort, Update
- Description
- The API, or program name, for this policy.
|
| EventName |
- Type
- picklist
- Properties
- Create, Filter, Group, Nillable, Restricted picklist, Sort, Update
- Description
- Used in Real-Time Event Monitoring only. Indicates the name of the
event the policy monitors. Valid values are:
-
ApiEvent—Tracks these user-initiated read-only API calls: query(), queryMore(),
and count(). Captures API requests through SOAP API,
REST API, and Bulk API for the Enterprise and Partner WSDLs. Tooling API calls and API
calls originating from a Salesforce mobile app aren’t captured.
-
CredentialStuffingEventStore—Tracks when a user successfully logs into Salesforce during an
identified credential stuffing attack. Credential stuffing refers to large-scale
automated login requests using stolen user credentials. This value is available in API 49.0 and later.
-
ListViewEvent—Tracks when users access data with list views using Lightning
Experience, Salesforce Classic, or the API. It doesn’t track list views of Setup
entities.
-
LoginEvent—LoginEvent tracks the login activity of users who
log in to Salesforce.
-
ReportAnomalyEventStore—Tracks anomalies in how users run or export reports, including
unsaved reports. This value is available in API 49.0 and later.
-
ReportEvent—Tracks when reports are run in your org.
-
SessionHijackingEventStore—Tracks when unauthorized users gain ownership of a Salesforce user’s
session with a stolen session identifier. To detect such an event, Salesforce evaluates
how significantly a user’s current browser fingerprint diverges from the previously
known fingerprint using a probabilistically inferred significance of change. This value is available in API 49.0 and later.
|
| EventType |
- Type
- picklist
- Properties
- Create, Filter, Group, Nillable, Restricted picklist, Sort, Update
- Description
- Used in Legacy Transaction Security only. Indicates the type of
event the policy monitors. Valid values are:
-
AccessResource—Notifies you when the
selected resource has been accessed.
-
AuditTrail—Reserved for future use.
-
DataExport—Notifies you when any API query
is made, such as from the Data Loader API client, or when a
Report export occurs.
-
Entity—Notifies
you on use of an object type such as an authentication
provider or chatter post.
-
Login—Notifies
you when a user logs in.
|
| ExecutionUserId |
- Type
- reference
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
- Used in Legacy Transaction Security only. The ID of an active user
who is assigned the Modify All Data and View Setup user
permissions.
|
| MasterLabel |
- Type
- string
- Properties
- Create, Filter, Group, Sort, Update
- Description
- The policy’s name.
|
| NamespacePrefix |
- Type
- string
- Properties
- Filter, Group, Nillable, Sort
- Description
-
The namespace prefix associated
with this object. Each Developer Edition organization that creates a managed package has a
unique namespace prefix. Limit: 15 characters. You can refer to a component in a managed
package by using the namespacePrefix__componentName notation.
The namespace prefix can have one of the
following values:
- In Developer Edition organizations, the namespace prefix is set to the namespace prefix
of the organization for all objects that support it. There is an exception if an object is
in an installed managed package. In that case, the object has the namespace prefix of the
installed managed package. This field’s value is the namespace prefix of the Developer
Edition organization of the package developer.
- In organizations that are not Developer Edition organizations,
NamespacePrefix is only set for objects that are part of an installed
managed package. There is no namespace prefix for all other objects.
|
| ResourceName |
- Type
- string
- Properties
- Create, Filter, Group, Nillable, Sort, Update
- Description
- Used in Legacy Transaction Security only. A resource used to
narrow down the conditions under which the policy triggers. For
example, with a DataExport
event, you can select a resource Lead to specifically monitor
export activity occurring on your Lead entities. The resources
available depend on the EventType field.
|
| State |
- Type
- picklist
- Properties
- Create, Filter, Group, Restricted picklist, Sort, Update
- Description
- Indicates whether the policy is active. Valid values are:
|
| Type |
- Type
- picklist
- Properties
- Create, Filter, Group, Restricted picklist, Sort, Update
- Description
- The type of validation that the policy uses. The valid values are:
-
CustomApexPolicy— Created with Apex
editor.
-
CustomConditionBuilderPolicy— Created
with Condition Builder
.
|
j