First-Generation Managed Packaging Developer Guide

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
First-Generation Managed Packages
Why Switch to Second-Generation Managed Packaging?
Move to 2GP: Migrate Your Managed Packages with Ease
Register a Namespace for a First-Generation Managed Package
Create a First-Generation Managed Package Using a UI
Create a First-Generation Managed Package using Salesforce DX
Components Available in First-Generation Managed Packages
Behavior of Specific Metadata in First-Generation Managed Packages
Get Access to Agentforce in Your 1GP Packaging Org
Components Automatically Added to First-Generation Managed Packages
Protected Components in Managed Packages
Set Up a Platform Cache Partition with Provider Free Capacity
Package Dependencies in First-Generation Managed Packages
Metadata Access in Apex Code
Permission Sets and Profile Settings in Packages
Permission Set Groups
Custom Profile Settings
Protecting Your Intellectual Property
Call Salesforce URLs Within a Package
Develop App Documentation
API and Dynamic Apex Access in Packages
Manage API and Dynamic Apex Access in Packages
Configure Default Package Versions for API Calls
About the Partner WSDL
Generate an Enterprise WSDL with Managed Packages
Work with Services Outside of Salesforce
Connected Apps
Package and Test Your First-Generation Managed Package
Update Your First-Generation Managed Package
Publish Upgrades to First-Generation Managed Packages
Manage Licenses for Managed Packages
Manage Features in First-Generation Managed Packages
AppExchange App Analytics for First-Generation Managed Packages
Developing and Distributing Unmanaged Packages
PDF

Manage API and Dynamic Apex Access in Packages

API Access is a package setting that controls the dynamic Apex and API access that package components have to standard and custom objects. The setting displays for both the developer and installer on the package detail page.

User Permissions Needed
To edit API and dynamic Apex access for a package you’ve created or installed: Create AppExchange packages
To accept or reject package API and dynamic Apex access for a package as part of installation: Download AppExchange packages
  • The developer of an AppExchange package can restrict API access for a package before uploading it to AppExchange. After it’s restricted, the package components receive Apex and API sessions that are restricted to the custom objects in the package. The developer can also enable access to specific standard objects, and any custom objects in other packages that this package depends on.
  • The installer of a package can accept or reject package access privileges when installing the package to their organization.
  • After installation, an administrator can change Apex and API access for a package at any time. The installer can also enable access on additional objects such as custom objects created in the installer's organization or objects installed by unrelated packages.

Setting API and Dynamic Apex Access in Packages

To change package access privileges in a package you or someone in your organization has created:

  1. From Setup, enter Packages in the Quick Find box, then select Packages.
  2. Select a package.
  3. The API Access field displays the current setting, Restricted or Unrestricted, and a link to either Enable Restrictions or Disable Restrictions. If Read, Create, Edit, and Delete access aren’t selected in the API access setting for objects, users don’t have access to those objects from the package components, even if the user has the Modify All Data and View All Data permissions.

    Use the API Access field to:

    • Enable Restrictions— This option is available only if the current setting is Unrestricted. Select this option if you want to specify the dynamic Apex and API access that package components have to standard objects in the installer's organization. When you select this option, the Extended Object Permissions list is displayed. To enable access for each object in the list, select the Read, Create, Edit, or Delete checkboxes. This selection is disabled in some situations. Click Save when finished. For more information about choosing the Restricted option, including information about when it’s disabled, see Considerations for API and Dynamic Apex Access in Packages.
    • Disable Restrictions—This option is available only if the current setting is Restricted. Select this option if you don’t want to restrict the Apex and API access privileges that the components in the package have to standard and custom objects. This option gives all the components in the package the same API access as the user who is logged in. For example, if a user can access accounts, an Apex class in the package that accesses accounts would succeed when triggered by that user.
    • Restricted—Click this link if you already restricted API access and wish to edit the restrictions.

Accepting or Rejecting API and Dynamic Apex Access Privileges during Installation

To accept or reject the API and dynamic Apex access privileges for a package you’re installing:

  • Start the installation process on AppExchange.
  • In Approve API Access, either accept by clicking Next, or reject by clicking Cancel. Complete the installation steps if you haven’t canceled.

Changing API and Dynamic Apex Access Privileges After Installation

To edit the package API and dynamic Apex access privileges after you’ve installed a package:

  1. From Setup, enter Installed Packages in the Quick Find box, then select Installed Packages.
  2. Click the name of the package you wish to edit.
  3. The API Access field displays the current setting, Restricted or Unrestricted, and a link to either Enable Restrictions or Disable Restrictions. If Read, Create, Edit, and Delete access aren’t selected in the API access setting for objects, users don’t have access to those objects from the package components, even if the user has the Modify All Data and View All Data permissions.

    Use the API Access field to:

    • Enable Restrictions— This option is available only if the current setting is Unrestricted. Select this option if you want to specify the dynamic Apex and API access that package components have to standard objects in the installer's organization. When you select this option, the Extended Object Permissions list is displayed. To enable access for each object in the list, select the Read, Create, Edit, or Delete checkboxes. This selection is disabled in some situations. Click Save when finished. For more information about choosing the Restricted option, including information about when it’s disabled, see Considerations for API and Dynamic Apex Access in Packages.
    • Disable Restrictions—This option is available only if the current setting is Restricted. Select this option if you don’t want to restrict the Apex and API access privileges that the components in the package have to standard and custom objects. This option gives all the components in the package the same API access as the user who is logged in. For example, if a user can access accounts, an Apex class in the package that accesses accounts would succeed when triggered by that user.
    • Restricted—Click this link if you have already restricted API access and wish to edit the restrictions.