Enhanced Domain Security in Salesforce

Share This Post

What is Enhanced Domain?

Enhanced domains are the latest version of My Domain that meets the latest browser requirements. With enhanced domains, all URLs across your org contain your company-specific My Domain name, including URLs for your Experience Cloud sites, Salesforce Sites, Visualforce pages, and content files.

Feature of Enhanced Domain:

  • Avoid third-party Cookies
  • Enhanced Domain URLs remain stabilized when the org is moved to another Salesforce instance.
  • URLs are easier for users to remember (no instance names).

some potential impacts are:

  1. Error accessing Salesforce (ex: Experience Cloud sites, Salesforce Sites, and Visualforce pages).
  2. Third-party applications can lose access to Salesforce data.
  3. Single sign-on integration failure (ex: Sandboxes, *.cloudforce.com, *.database.com).

When you enable enhanced domains, the domain suffix—the part after the My Domain name—changes for Experience Cloud sites, Salesforce Sites, content files, Site.com Studio, Experience Builder, and Visualforce URLs. And sandbox org URLs include the word “sandbox,” making it easy to identify a sandbox org from its URL.

When you enable enhanced domains, Salesforce URLs change across your org. Your production My Domain login URL doesn’t change.

Changes to happen after Enhanced domain:

URL Changes:

Enforcement will start in August 2022 for sandboxes and October 2022 for production orgs.

How to Enable Enhanced Domain in Salesforce.

  1. From Setup, in the Quick Find box, enter My Domain, and then select My Domain.
  2. Under My Domain Details, select Edit.
  1. If more suffixes are available for your org’s My Domain, a suffix dropdown list appears. Enhanced domains can only be enabled for the Standard suffix.
  2. Select Use enhanced domains.
  3. Save your changes.

Benefits are:

  1. Meets the latest browser security standards
  2. Improved certificate security standard
  3. Each domain now has its own certificate
  4. Uses the My Domain value for more features :
    1. Let users log in to Salesforce from the login page with a social account like Google or Facebook.
    2. Set a custom login policy to determine how users are authenticated.
    3. Work in multiple Salesforce org in the same browser at the same time.
  5. New domain names are designed to share cookies between domains.
  6. Sites/Salesforce Experience now uses My Domain

Set My Domain Login and Redirect Policies

  1. From Setup, in the Quick Find box, enter My Domain, and then select My Domain.
  2. In the Policies section, click Edit.
  3. To require that users log in with your My Domain, in production, select Prevent login from https://login.salesforce.com. Or, in a sandbox, select Prevent login from https://test.salesforce.com.When you enable this setting, users also can’t use your instanced URL, such as https://na77.salesforce.com, to log in.
  4. To require that SOAP API logins use your My Domain login URL, in production, select Prevent SOAP API login from https://login.salesforce.com. Or, in a sandbox, select Prevent login from https://test.salesforce.com.When you enable this setting, SOAP API logins also can’t use your instanced URL, such as https://na77.salesforce.com, to log in.
  5. Choose a redirect policy.
  6. To allow users to continue using URLs that don’t include your My Domain name, select Redirect to the same page within the domain.
  7. To remind users to use your My Domain URLs, select Redirect with a warning to the same page within the domain. Users briefly see a warning message, then they’re redirected to the page. You can’t customize the warning message. Select this option for a few days or weeks to help users transition to your new My Domain. The warning gives users a chance to change their bookmarks and get used to using the new URLs.
  8. To require users to use your My Domain URLs when viewing your pages, select Don’t Redirect (recommended).
  9. Save your changes.

2 Responses

  1. Good information thanks,
    If we have Single sign-on then do we need to do extra steps to enable enhanced domain

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

NetSuite Salesforce Integration: An Automation Guide

NetSuite Salesforce Integration is the seamless connection between NetSuite, a leading cloud-based Enterprise Resource Planning (ERP) system, and Salesforce, a premier Customer Relationship Management (CRM) platform.