When to Enable Lightning Web Security
Determine whether to enable Lightning Web Security (LWS) in your production org based on the type of components present in your org. LWS is generally available for both Lightning web components (LWC) and Aura components.
New orgs have LWS enabled by default. If you create an org from a template, then that org inherits the LWS setting of the template. If you plan to populate a new org with preexisting or packaged Lightning components, be sure to test first in a sandbox environment with LWS enabled. See Workflow to Test Your Components with Lightning Web Security.
If your org contains Experience Cloud sites, see Experience Builder Sites and LWS before enabling LWS.
To determine the type of components that are present in your org, see Determine if Lightning Web Security Affects Your Org.
| Components in Org | OK to Enable LWS in Production? | Testing Approach |
|---|---|---|
| No components | Yes | Testing isn’t needed because LWS has no effect if there are no components in your org. However, testing a new release is always recommended in sandboxes. |
| Only LWC or only Aura | Yes, after testing in sandbox | We strongly recommend that you first enable LWS in a sandbox staging environment for your org. See Workflow to Test Your Components with Lightning Web Security. If testing shows that your components are working well in the sandbox, enable LWS in a production org. If issues arise, you can return to using Lightning Locker for Lightning components by deselecting the LWS setting. |
| Aura and LWC | Yes, after testing in sandbox | We strongly recommend that you first enable LWS in a sandbox staging environment for your org. See Workflow to Test Your Components with Lightning Web Security. If testing shows that your components are working well in the sandbox, enable LWS in a production org. If issues arise, you can return to using Lightning Locker for Lightning components by deselecting the LWS setting.
|
See Also