Winter 21 – Restrict Access to @AuraEnabled Apex Methods for Authenticated Users

Winter 21 – Restrict Access to @AuraEnabled Apex Methods for Authenticated Users As the security concerns, we have now the critical updates and its enforced to activated part of Winter 21 Release. So Admin or Developer to review the critical updates and make sure to enable the @AuraEnabled Apex Methods […]

Winter 21 – Restrict Access to @AuraEnabled Apex Methods for Authenticated Users

As the security concerns, we have now the critical updates and its enforced to activated part of Winter 21 Release.

So Admin or Developer to review the critical updates and make sure to enable the @AuraEnabled Apex Methods to relevant Profiles or Permission Set. Before Winter 21 Release a user doesn’t need permission to access an Apex class containing an @AuraEnabled method. As the  security concerns, its now added as a critical update so that a user can access an @AuraEnabled Apex method only when the user’s Profiles or Permission Set allows access to the Apex class. In Winter ’21, its updated automatically activated  the critical update for all salesforce orgs. This critical update enforces user profile restrictions for Apex classes used by Aura Components and Lightning Web Components.

Error in Console:

If you not activated @AuraEnabled Apex Methods to relevant Profiles or Permission Set level then you will received the error in the Aura Components or Lightning Web Components.

Actions Points:-

  • Analyze the changes and identify the list of users who will be affected by the critical updates  (Search your apex class with contains the @AuraEnabled method either from Developer Console or Your favorite IDE and identify the list of Apex Class)
  • Add or Remove the Apex Class from Profile Level (Under the Enabled Apex Class Access Sections)
  • Add or Remove the Apex Class from Permission Set Level (Under Apps -> Apex Class Access Sections)
  • Or Install with AuraEnabled Scanner tool and update the Apex Class to Profiles and Permission Set for the necessary @AuraEnabled Apex Methods

Please Refer the below video to explained the use case with example and also provided the steps to install the AuraEnabled Scanner tool and update the Apex Class to Profiles and Permission Set for the necessary @AuraEnabled Apex Methods.

Reference:-

Release Updates: Enforcement for Profile-Based Access for @AuraEnabled Apex Classes, and More – https://releasenotes.docs.salesforce.com/en-us/winter21/release-notes/rn_lc_crucs.htm
AuraEnabled Scanner Tool – https://admin.salesforce.com/blog/2020/critical-update-ensure-users-have-access-to-auraenabled-methods
Winter 21 Pre-Release Org Signup – https://www.salesforce.com/form/signup/prerelease-winter21/
Get Ready for the Winter ’21 Release – https://developer.salesforce.com/blogs/2020/08/get-ready-for-the-winter-21-release.html

The post Winter 21 – Restrict Access to @AuraEnabled Apex Methods for Authenticated Users appeared first on TheBlogReaders.com.

ASNF

Next Post

5 Ways to Convince Your Organization to Go Digital

Thu Oct 8 , 2020
So you use Salesforce in your department already and see that by implementing it in other departments, your job and that of your colleagues could be easier, more productive, and more impactful–but your leadership doesn’t see it that way. What to do? Change is hard and choosing to make a […]