Skuid and the Salesforce Guest User¶
As of the Winter 2021 release, Salesforce changed the default security permissions for the guest user profile. The guest user profile controls how unauthenticated users interact with public-facing communities, portals, and sites.
The new default security configuration is as restrictive as possible within Salesforce’s security model.
For guest users, the new security defaults include the following changes:
- Access to all objects is set to Private.
- Manual sharing or Apex managed sharing of records is no longer permitted.
The default security permissions affect Skuid pages and records in Salesforce objects.
Action must be taken to allow guest users to view:
For guest users to edit and delete records, consider alternative strategies, like purchasing Salesforce authenticated user licenses.
For more information about guest user sharing settings and record access, see Salesforce’s documentation on the topic.
Why can’t guest users see my Skuid page?¶
Guest user access to all objects is set to private. This means that Skuid pages, which are saved as records in a custom object, cannot be viewed by a guest user with the default security settings.
Salesforce’s guest user sharing rules provide a solution for unauthenticated users.
Guest user sharing rules and Skuid pages¶
For guest users to view Skuid pages, create sharing rules for Skuid pages in communities, portals, and sites.
To create a sharing rule for a Skuid page or pages:
Go to Setup in your Salesforce org.
Type Sharing Settings in the Quick Find box and select Sharing Settings.
Select Page in the picklist labeled Manage sharing settings for.
- Or, scroll down the All objects page until you locate Page.
In the Sharing Rules section for the Page object, click New.
- Enter basic information for the rule:
- Label and Rule Name: A descriptive name for the rule, such as Guest user Skuid page access. The rule name should autopopulate based on your label.
- Rule type: Guest user access, based on criteria
Specify the criteria:
- Field: Page Name
- Operator: equals
- Value: The exact name of the Skuid page
Note
Optionally, change the filter logic to allow for one sharing rule to allow access to multiple pages. To do so, click Add Filter Logic and change the relationship between the filters to OR, e.g. 1 OR 2 OR 3
In the Share with field, select the guest user to share the page record with.
Verify that the level of access is set to Read Only.
Click Save.
Now guest users can view Skuid pages.
Sharing rules, modules, and a ton of Skuid pages¶
What if you have a lot of Skuid pages and you don’t want to create multiple sharing rules or use filter logic to string together a long sequence of OR statements?
Consider using a module to group pages together and apply the sharing rule to the module, instead of individual pages.
Follow the steps in the previous section and replace the Page Name field with Module. Enter or select the name of the module in Value. Now, the sharing rule will apply to all pages within the module.
Why can’t guest users see data on my Skuid pages?¶
For the same reason that guest users could not see Skuid pages. The models in Skuid pages connect to objects that are set to Private.
Create sharing rules to allow guest users to see records from objects in a Salesforce org.
For more information, see Salesforce’s documentation on creating sharing rules.