First-Generation Managed Packaging Developer Guide

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
First-Generation Managed Packages
Why Switch to Second-Generation Managed Packaging?
Register a Namespace for a First-Generation Managed Package
Create a First-Generation Managed Package Using a UI
Create a First-Generation Managed Package using Salesforce DX
Components Available in First-Generation Managed Packages
Behavior of Specific Metadata in First-Generation Managed Packages
Package and Test Your First-Generation Managed Package
Update Your First-Generation Managed Package
Publish Upgrades to First-Generation Managed Packages
Manage Licenses for Managed Packages
Get Started with the License Management App
Lead and License Records in the License Management App
Modify a License Record
Refresh Licenses for a Managed Package
Extending the License Management App
Move the License Management App to Another Salesforce Org
Troubleshoot the License Management App
Best Practices for the License Management App
Troubleshoot Subscriber Issues
Request Login Access from Subscribers
Log In to Subscriber Orgs
Debug Subscriber Orgs
Manage Features in First-Generation Managed Packages
AppExchange App Analytics for First-Generation Managed Packages
Developing and Distributing Unmanaged Packages
PDF

Log In to Subscriber Orgs

After your subscriber has granted you login access, you can log in to the subscriber org to troubleshoot the issue.
Available in: Enterprise, Performance, and Unlimited Editions

User Permissions Needed
To log in to subscriber orgs: Log in to Subscriber Org

You can only log in to orgs with a Salesforce Platform or full Salesforce license. You can’t log in to subscriber orgs on Government Cloud instances. It's also not possible to log into a scratch org using the log in to subscriber org feature.

Note

Multi-Factor Authentication Required to Log In to a Subscriber Org

Starting in Spring ’22, multi-factor authentication (MFA) is required when logging into the License Management Org (LMO). MFA is required only for LMO users who require access to the Subscriber Support Console. This requirement provides subscribers an extra layer of security by verifying the identity of the user accessing their org. You also have more control over which users log in to a subscriber org.

Determine which users require access to the Subscriber Support Console, and then set up multi-factor authentication (MFA) for those users.

Log In to a Subscriber Org

After you’ve logged in to the LMO using multi-factor authentication (MFA), and your subscriber has granted you login access, you’re ready to log in.

  1. In the License Management App (LMA), click the Subscribers tab.
  2. To find a subscriber org, enter a subscriber name or org ID in the search box, and click Search.
  3. Click the name of the subscriber org.
  4. On the Org Details page, click Login next to a user’s name. You have the same permissions as the user you logged in as.
  5. When you’re finished troubleshooting, log out of the subscriber org.

Some subscribers require MFA in addition to the MFA required for the LMO. Ask your subscriber if their org requires MFA to log in. If so, your login attempt sends an MFA notification to your subscriber, and your login is blocked until your subscriber responds to the notification. To ensure that your subscriber is available to respond to the MFA notification, consider coordinating a specific login time.

Note

Best Practices for Logging In

  • Create an audit trial that indicates when and why a subscriber org login has occurred. You can create an audit trail by logging a case in your LMO before each subscriber org login.
  • When you access a subscriber org, you’re logged out of your LMO. To prevent your session from being automatically logged out of your LMO when you log in to a subscriber org, use the org’s My Domain login URL.
  • Allow only trusted support and engineering personnel to log in to a subscriber’s org. Because this feature can include full read/write access to customer data and configurations, it’s vital to your reputation to preserve their security.
  • Control who has login access by giving the Log in to Subscriber Org user permission to specific support personnel via a profile or permission set. See Assign Permissions to the Subscriber Org Console.