Salesforce Security Guide

Salesforce Security Guide
Salesforce Security Basics
Authenticate Users
Give Users Access to Data
Share Objects and Fields
Strengthen Your Data's Security with Shield Platform Encryption
Monitoring Your Organization’s Security
Monitor Login History
Field History Tracking
Monitor Setup Changes with Setup Audit Trail
Transaction Security Policies (Legacy)
Set Up Legacy Transaction Security
Create Legacy Transaction Security Policies
Apex Policies for Legacy Transaction Security
Real-Time Event Monitoring
Security Guidelines for Apex and Visualforce Development
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Apex Policies for Legacy Transaction Security

Every Transaction Security policy must implement the Apex TxnSecurity.PolicyCondition or TxnSecurity.EventCondition interface.
Available in: Salesforce Classic and Lightning Experience
Available in: Enterprise, Unlimited, and Developer Editions

Requires Salesforce Shield or Salesforce Event Monitoring add-on subscriptions.

Legacy Transaction Security is scheduled for retirement in all Salesforce orgs as of Summer ’20. For more information, see Legacy Transaction Security Retirement. You can no longer create, edit , or enable transaction security policies using the legacy framework and will receive an error message if you try to do so. To create transaction security policies using the new framework, refer to the Enhanced Transaction Security documentation. To migrate legacy policies to the new framework, refer to the migration documentation.

Warning

If you didn’t specify a condition value before you generated the Apex interface for a policy, you can add the condition later. To change the condition, you can edit the Apex code to include a condition before you activate your policy. If you don’t include a condition, your policy isn’t triggered.

Don’t include DML statements in your custom policies because they can cause errors. When you send a custom email via Apex during transaction policy evaluation, you get an error, even if the record is not explicitly related to another record. For more information, see Apex DML Operations in the Apex Developer Guide.

When you delete a transaction security policy, your TxnSecurity.PolicyCondition or TxnSecurity.EventCondition implementation isn’t deleted. You can reuse your Apex code in other policies.

If you use an API callout in the Apex class that implements TxnSecurity.PolicyCondition, you must select an action when you create the Transaction Security policy in Setup. If you select None as the action, the policy can’t execute. For more information, see Invoking Callouts Using Apex in the Apex Developer Guide.