Day: December 12, 2017

How the Salesforce Platform Enforces Authorization

In most cases the platform automatically enforces admin-configured authorization settings, so your job is easy. However, because the platform is flexible, there are certain cases where developers can bypass authorization settings. To understand why and where this happens, you need to understand the two execution contexts that a Force.com app runs in: user and system. […]

Read more

Authorization in Salesforce

Access to online data is generally restricted to only those who are identified, authenticated, and authorized. There are three main ways: –> Create, read, update, and delete (CRUD) settings ——–> Determine which objects a user can create, read, update, and delete –> Field level security (FLS) settings ——-> Determine which fields a user can read […]

Read more