function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
LloydSilverLloydSilver 

Expose custom objects to customers securely

Is there a way that I can expose records within a custom object to our customers in a secure fashion - so they can only see records relating to their own contact record (e.g. custom objects with master-detail relationship to contacts).

 

Communities is more than I need, and outside my budget. So I'm hoping there's a way of doing this perhaps through a force.com site.

 

Thanks.

Vinita_SFDCVinita_SFDC

Hello,

 

Yes you are right, this requirement can be achieved by force.com sites.

Guest user licenses are required for force.com sites. EE/UE orgs are allowed to create up to 25 sites hence the 25 guest user licenses

  1. Each site has a special user with a user type called guest user type
  2. Guest users have no password, no role and have no API access on their profile. 
  3. You can't login or do client side api call (only within apex code). If you need API access for guest users, the  "Guest API Access Enabled" org permission needs to be enabled.
  4. There is no session for guest browsing
  5. Each guest user (site) has a unique profile (public access settings)
  6. These profiles are associated to guest user licenses which give the ability to read/create on standard objects and full CRUD on custom objects.  However, by default no CRUD is given.  Admins needs to enable the right level of access based on their flow
  7. We advise private sharing for the objects that are enabled for sites
  8. Guest user licenses can't be used for any other purposes other than Force.com Sites
LloydSilverLloydSilver

Thanks for the reply.

 

Without additional security, wouldn't this solution as presented expose all data to all visitors of the site?

 

Would I need to use something like an authenticated web user license so that each visitor can only see the information that he or she is associated with?
Vinita_SFDCVinita_SFDC

Hello,

 

Yes their is license guest user license. The visitors would be guest users with a profile, they will view the content as per the access provided on their profile.

 

  1. Each guest user (site) has a unique profile (public access settings)
  2. These profiles are associated to guest user licenses which give the ability to read/create on standard objects and full CRUD on custom objects.  However, by default no CRUD is given.  Admins needs to enable the right level of access based on their flow.
LloydSilverLloydSilver

My understanding is that the guest user license only applies to the site itself. If you want individual authentication, then each visitor must have his or her own license (authenticated web user license).