#salesforce — Public Fediverse posts on home.social

Andy Engin Utkan @[email protected] · 2026-05-14 · 19:46 UTC

Warn and Inform with Native Toast Messages in Salesforce Flow

Just when the Salesforce community thought we had fully digested the Summer ’26 release notes, the product team decided to drop a classic “one more thing.” Adam White recently announced that two new functionalities were “snuck” into the release at the last minute. For those of us who live and breathe Flow Builder, this is like finding an extra gift under the tree after you thought Christmas was over.

The star of this stealth update? The Native Show Toast Message Action.

In this post, we’re going to break down why this is such a great update for Salesforce Admins, how we used to handle this the “old way”, and a clever trick to implement these notifications without cluttering your Flow logic.

What Exactly is a Toast Message?

In the world of User Experience (UX) and User Interface (UI) design, a Toast Message is a small, non-modal notification that “pops up” (like toast from a toaster) to provide feedback about an operation.

Unlike a modal or a popup window, a toast message doesn’t require the user to click “OK” to continue their work (though they can be configured to stay until dismissed). They are designed to be subtle but informative. In Salesforce, you usually see them at the top of the screen in green (Success), red (Error), yellow (Warning), or blue (Information).

Why Toasts Matter

Toasts are critical for a smooth user journey. They confirm that an action was successful or alert a user to a problem without breaking their concentration or forcing them to navigate to a new page. Without toasts, users are often left wondering, “Did that save?” or “Did my automation actually run?”

The Way We Were: The Era of UnofficialSF and AppExchange

For years, the request for a native “Show Toast” action in Flow was one of the most requested ideas. But for a long time, the answer from Salesforce was silence. This led the community to innovate on its own.

The UnofficialSF Method

To get a toast message in a Screen Flow, most Admins turned to UnofficialSF. This incredible community resource offered a “Show Toast” flow component. While it worked beautifully, it came with technical debt considerations:

Installation Management: You had to install a managed or unmanaged package in your production environment.
Maintenance: Every time Salesforce updated its API, you had to ensure your community-sourced components remained compatible.
Security Audits: In highly regulated industries (like Finance or Healthcare), getting a third-party package approved by a security team can take months.

The AppExchange and Custom LWC

Other Admins turned to the AppExchange for “Flow Utility” packs or, if they had developer resources, they wrote custom Lightning Web Components (LWC). An LWC could use the ShowToastEvent in JavaScript, but it required writing code, which goes against the “Clicks, Not Code” mantra that makes Flow so powerful.

That era is officially over. With the Summer ’26 release, the power is finally native.

Exploring the New Native “Show Toast” Action

The new functionality allows us to call a standard action directly from the Flow Builder. It is robust, flexible, and incredibly easy to configure. Here is what you can now do natively:

Style Selection

You can choose the “Flavor” of your notification. This dictates the icon and the color of the toast:

Success (Green): For when things go right.
Warning (Yellow): To alert users of a potential issue that doesn’t stop progress.
Information (Blue): General updates or helpful hints.
Error (Red): When a process fails or a validation is triggered.

Dismissal Control

You get to decide the “persistence” of the message.

Automatic: The toast appears and then fades away after a few seconds. This is great for simple success confirmations.
Manual: The toast stays on the screen until the user clicks the “X” to close it. This is vital for errors or warnings where you want to ensure the user has actually read the information.

Rich Messaging and URLs

This is where it gets really exciting. You aren’t limited to plain text.

Dynamic Resources: You can include Flow variables, formulas, or record fields in the title and description.
The “Curly Bracket” Trick: By using curly brackets { } in your message description, you can embed a URL. This could be a link to a public webpage, a internal Terms & Conditions document, or even a link to a specific Salesforce record.

Use Cases for Native Toasts

How should you use this in your day-to-day Admin life? Here are a few examples:

Eligibility Alerts: As shown in the video below, if a customer no longer qualifies for a service (e.g., they moved out of the service area), a toast can immediately inform the user the moment they open the record.

Data Validation Feedback: Instead of a clunky fault screen, show a red Error toast if a user enters data that doesn’t meet business criteria.
Onboarding Guidance: When a new Lead is created, show an “Information” toast with a link to the “Sales Playbook” for that specific industry.
Process Confirmation: After a complex Screen Flow that updates multiple records, show a “Success” toast that includes a link to the primary updated record. Please note that Salesforce included another action in the last minute that opens the newly created record on another tab for the user. Stay tuned for more updates related to that action.

The Pro Trick: Conditional Visibility via Lightning Record Pages

In the video, I demonstrated a clever way to use this. Normally, you might think you need to build a complex Flow that runs, checks criteria using a Decision element, and then decides to show the toast. There is a clever method.

Instead of putting the logic inside the Flow, you can keep the Flow extremely simple. Just the “Show Toast” action, and put the logic on the Lightning Record Page.

How to do it:

Create a simple Screen Flow: The flow only contains one element: the “Show Toast” action.
Add to Record Page: Drag the “Flow” component onto your Contact or Account page layout.
Set Component Visibility: In the Lightning App Builder, click on the Flow component. In the right-hand sidebar, go to Set Component Visibility.
Define Your Criteria: For example, set the visibility to Record > Last Name > Equals > Brock.

The Result: The Flow only “exists” and runs when that specific condition is met. When I go to Lex Luthor’s record, nothing happens. But when I navigate to Eddie Brock’s record, the Flow triggers, and the toast message pops up instantly: “Customer no longer qualifies for our services.”

This keeps your Flow canvas clean and offloads the “heavy lifting” to the Lightning UI engine.

Stop Duct Taping Your Flow Notifications

The “Sneaky” Summer ’26 release features prove that Salesforce is listening to the community. By making the Show Toast action native, they have removed the need for third-party dependencies, reduced technical debt, and given Admins a powerful new tool to communicate with users.

The ability to include clickable URLs and dynamic variables means our notifications can now be functional bridges to other parts of the business.

Enjoy this new functionality, folks! It’s a game-changer for Flow UX.

Watch the video here:

Does this new native action mean you’ll be retiring your unofficialSF packages? Let us know in the comments below!

Explore related content:

11 Flow Updates in Summer 26 Release

Get Your Org Ready: Summer ’26 Admin Highlights

Master Custom Batch Sizes for Schedule-Triggered Flows

#HowTo #NewReleaseUpdate #Salesforce #SalesforceAdmins #SalesforceDevelopers #Summer26 #Tutorial

#howto #newreleaseupdate #salesforce #salesforceadmins #salesforcedevelopers #summer26

Andy Engin Utkan @[email protected] · 2026-05-14 · 19:46 UTC

Warn and Inform with Native Toast Messages in Salesforce Flow

Just when the Salesforce community thought we had fully digested the Summer ’26 release notes, the product team decided to drop a classic “one more thing.” Adam White recently announced that two new functionalities were “snuck” into the release at the last minute. For those of us who live and breathe Flow Builder, this is like finding an extra gift under the tree after you thought Christmas was over.

The star of this stealth update? The Native Show Toast Message Action.

In this post, we’re going to break down why this is such a great update for Salesforce Admins, how we used to handle this the “old way”, and a clever trick to implement these notifications without cluttering your Flow logic.

What Exactly is a Toast Message?

In the world of User Experience (UX) and User Interface (UI) design, a Toast Message is a small, non-modal notification that “pops up” (like toast from a toaster) to provide feedback about an operation.

Unlike a modal or a popup window, a toast message doesn’t require the user to click “OK” to continue their work (though they can be configured to stay until dismissed). They are designed to be subtle but informative. In Salesforce, you usually see them at the top of the screen in green (Success), red (Error), yellow (Warning), or blue (Information).

Why Toasts Matter

Toasts are critical for a smooth user journey. They confirm that an action was successful or alert a user to a problem without breaking their concentration or forcing them to navigate to a new page. Without toasts, users are often left wondering, “Did that save?” or “Did my automation actually run?”

The Way We Were: The Era of UnofficialSF and AppExchange

For years, the request for a native “Show Toast” action in Flow was one of the most requested ideas. But for a long time, the answer from Salesforce was silence. This led the community to innovate on its own.

The UnofficialSF Method

To get a toast message in a Screen Flow, most Admins turned to UnofficialSF. This incredible community resource offered a “Show Toast” flow component. While it worked beautifully, it came with technical debt considerations:

Installation Management: You had to install a managed or unmanaged package in your production environment.
Maintenance: Every time Salesforce updated its API, you had to ensure your community-sourced components remained compatible.
Security Audits: In highly regulated industries (like Finance or Healthcare), getting a third-party package approved by a security team can take months.

The AppExchange and Custom LWC

Other Admins turned to the AppExchange for “Flow Utility” packs or, if they had developer resources, they wrote custom Lightning Web Components (LWC). An LWC could use the ShowToastEvent in JavaScript, but it required writing code, which goes against the “Clicks, Not Code” mantra that makes Flow so powerful.

That era is officially over. With the Summer ’26 release, the power is finally native.

Exploring the New Native “Show Toast” Action

The new functionality allows us to call a standard action directly from the Flow Builder. It is robust, flexible, and incredibly easy to configure. Here is what you can now do natively:

Style Selection

You can choose the “Flavor” of your notification. This dictates the icon and the color of the toast:

Success (Green): For when things go right.
Warning (Yellow): To alert users of a potential issue that doesn’t stop progress.
Information (Blue): General updates or helpful hints.
Error (Red): When a process fails or a validation is triggered.

Dismissal Control

You get to decide the “persistence” of the message.

Automatic: The toast appears and then fades away after a few seconds. This is great for simple success confirmations.
Manual: The toast stays on the screen until the user clicks the “X” to close it. This is vital for errors or warnings where you want to ensure the user has actually read the information.

Rich Messaging and URLs

This is where it gets really exciting. You aren’t limited to plain text.

Dynamic Resources: You can include Flow variables, formulas, or record fields in the title and description.
The “Curly Bracket” Trick: By using curly brackets { } in your message description, you can embed a URL. This could be a link to a public webpage, a internal Terms & Conditions document, or even a link to a specific Salesforce record.

Use Cases for Native Toasts

How should you use this in your day-to-day Admin life? Here are a few examples:

Eligibility Alerts: As shown in the video below, if a customer no longer qualifies for a service (e.g., they moved out of the service area), a toast can immediately inform the user the moment they open the record.

Data Validation Feedback: Instead of a clunky fault screen, show a red Error toast if a user enters data that doesn’t meet business criteria.
Onboarding Guidance: When a new Lead is created, show an “Information” toast with a link to the “Sales Playbook” for that specific industry.
Process Confirmation: After a complex Screen Flow that updates multiple records, show a “Success” toast that includes a link to the primary updated record. Please note that Salesforce included another action in the last minute that opens the newly created record on another tab for the user. Stay tuned for more updates related to that action.

The Pro Trick: Conditional Visibility via Lightning Record Pages

In the video, I demonstrated a clever way to use this. Normally, you might think you need to build a complex Flow that runs, checks criteria using a Decision element, and then decides to show the toast. There is a clever method.

Instead of putting the logic inside the Flow, you can keep the Flow extremely simple. Just the “Show Toast” action, and put the logic on the Lightning Record Page.

How to do it:

Create a simple Screen Flow: The flow only contains one element: the “Show Toast” action.
Add to Record Page: Drag the “Flow” component onto your Contact or Account page layout.
Set Component Visibility: In the Lightning App Builder, click on the Flow component. In the right-hand sidebar, go to Set Component Visibility.
Define Your Criteria: For example, set the visibility to Record > Last Name > Equals > Brock.

The Result: The Flow only “exists” and runs when that specific condition is met. When I go to Lex Luthor’s record, nothing happens. But when I navigate to Eddie Brock’s record, the Flow triggers, and the toast message pops up instantly: “Customer no longer qualifies for our services.”

This keeps your Flow canvas clean and offloads the “heavy lifting” to the Lightning UI engine.

Stop Duct Taping Your Flow Notifications

The “Sneaky” Summer ’26 release features prove that Salesforce is listening to the community. By making the Show Toast action native, they have removed the need for third-party dependencies, reduced technical debt, and given Admins a powerful new tool to communicate with users.

The ability to include clickable URLs and dynamic variables means our notifications can now be functional bridges to other parts of the business.

Enjoy this new functionality, folks! It’s a game-changer for Flow UX.

Watch the video here:

Does this new native action mean you’ll be retiring your unofficialSF packages? Let us know in the comments below!

Explore related content:

11 Flow Updates in Summer 26 Release

Get Your Org Ready: Summer ’26 Admin Highlights

Master Custom Batch Sizes for Schedule-Triggered Flows

#HowTo #NewReleaseUpdate #Salesforce #SalesforceAdmins #SalesforceDevelopers #Summer26 #Tutorial

#howto #newreleaseupdate #salesforce #salesforceadmins #salesforcedevelopers #summer26

Andy Engin Utkan @[email protected] · 2026-05-14 · 19:46 UTC

Warn and Inform with Native Toast Messages in Salesforce Flow

Just when the Salesforce community thought we had fully digested the Summer ’26 release notes, the product team decided to drop a classic “one more thing.” Adam White recently announced that two new functionalities were “snuck” into the release at the last minute. For those of us who live and breathe Flow Builder, this is like finding an extra gift under the tree after you thought Christmas was over.

The star of this stealth update? The Native Show Toast Message Action.

In this post, we’re going to break down why this is such a great update for Salesforce Admins, how we used to handle this the “old way”, and a clever trick to implement these notifications without cluttering your Flow logic.

What Exactly is a Toast Message?

In the world of User Experience (UX) and User Interface (UI) design, a Toast Message is a small, non-modal notification that “pops up” (like toast from a toaster) to provide feedback about an operation.

Unlike a modal or a popup window, a toast message doesn’t require the user to click “OK” to continue their work (though they can be configured to stay until dismissed). They are designed to be subtle but informative. In Salesforce, you usually see them at the top of the screen in green (Success), red (Error), yellow (Warning), or blue (Information).

Why Toasts Matter

Toasts are critical for a smooth user journey. They confirm that an action was successful or alert a user to a problem without breaking their concentration or forcing them to navigate to a new page. Without toasts, users are often left wondering, “Did that save?” or “Did my automation actually run?”

The Way We Were: The Era of UnofficialSF and AppExchange

For years, the request for a native “Show Toast” action in Flow was one of the most requested ideas. But for a long time, the answer from Salesforce was silence. This led the community to innovate on its own.

The UnofficialSF Method

To get a toast message in a Screen Flow, most Admins turned to UnofficialSF. This incredible community resource offered a “Show Toast” flow component. While it worked beautifully, it came with technical debt considerations:

Installation Management: You had to install a managed or unmanaged package in your production environment.
Maintenance: Every time Salesforce updated its API, you had to ensure your community-sourced components remained compatible.
Security Audits: In highly regulated industries (like Finance or Healthcare), getting a third-party package approved by a security team can take months.

The AppExchange and Custom LWC

Other Admins turned to the AppExchange for “Flow Utility” packs or, if they had developer resources, they wrote custom Lightning Web Components (LWC). An LWC could use the ShowToastEvent in JavaScript, but it required writing code, which goes against the “Clicks, Not Code” mantra that makes Flow so powerful.

That era is officially over. With the Summer ’26 release, the power is finally native.

Exploring the New Native “Show Toast” Action

The new functionality allows us to call a standard action directly from the Flow Builder. It is robust, flexible, and incredibly easy to configure. Here is what you can now do natively:

Style Selection

You can choose the “Flavor” of your notification. This dictates the icon and the color of the toast:

Success (Green): For when things go right.
Warning (Yellow): To alert users of a potential issue that doesn’t stop progress.
Information (Blue): General updates or helpful hints.
Error (Red): When a process fails or a validation is triggered.

Dismissal Control

You get to decide the “persistence” of the message.

Automatic: The toast appears and then fades away after a few seconds. This is great for simple success confirmations.
Manual: The toast stays on the screen until the user clicks the “X” to close it. This is vital for errors or warnings where you want to ensure the user has actually read the information.

Rich Messaging and URLs

This is where it gets really exciting. You aren’t limited to plain text.

Dynamic Resources: You can include Flow variables, formulas, or record fields in the title and description.
The “Curly Bracket” Trick: By using curly brackets { } in your message description, you can embed a URL. This could be a link to a public webpage, a internal Terms & Conditions document, or even a link to a specific Salesforce record.

Use Cases for Native Toasts

How should you use this in your day-to-day Admin life? Here are a few examples:

Eligibility Alerts: As shown in the video below, if a customer no longer qualifies for a service (e.g., they moved out of the service area), a toast can immediately inform the user the moment they open the record.

Data Validation Feedback: Instead of a clunky fault screen, show a red Error toast if a user enters data that doesn’t meet business criteria.
Onboarding Guidance: When a new Lead is created, show an “Information” toast with a link to the “Sales Playbook” for that specific industry.
Process Confirmation: After a complex Screen Flow that updates multiple records, show a “Success” toast that includes a link to the primary updated record. Please note that Salesforce included another action in the last minute that opens the newly created record on another tab for the user. Stay tuned for more updates related to that action.

The Pro Trick: Conditional Visibility via Lightning Record Pages

In the video, I demonstrated a clever way to use this. Normally, you might think you need to build a complex Flow that runs, checks criteria using a Decision element, and then decides to show the toast. There is a clever method.

Instead of putting the logic inside the Flow, you can keep the Flow extremely simple. Just the “Show Toast” action, and put the logic on the Lightning Record Page.

How to do it:

Create a simple Screen Flow: The flow only contains one element: the “Show Toast” action.
Add to Record Page: Drag the “Flow” component onto your Contact or Account page layout.
Set Component Visibility: In the Lightning App Builder, click on the Flow component. In the right-hand sidebar, go to Set Component Visibility.
Define Your Criteria: For example, set the visibility to Record > Last Name > Equals > Brock.

The Result: The Flow only “exists” and runs when that specific condition is met. When I go to Lex Luthor’s record, nothing happens. But when I navigate to Eddie Brock’s record, the Flow triggers, and the toast message pops up instantly: “Customer no longer qualifies for our services.”

This keeps your Flow canvas clean and offloads the “heavy lifting” to the Lightning UI engine.

Stop Duct Taping Your Flow Notifications

The “Sneaky” Summer ’26 release features prove that Salesforce is listening to the community. By making the Show Toast action native, they have removed the need for third-party dependencies, reduced technical debt, and given Admins a powerful new tool to communicate with users.

The ability to include clickable URLs and dynamic variables means our notifications can now be functional bridges to other parts of the business.

Enjoy this new functionality, folks! It’s a game-changer for Flow UX.

Watch the video here:

Does this new native action mean you’ll be retiring your unofficialSF packages? Let us know in the comments below!

Explore related content:

11 Flow Updates in Summer 26 Release

Get Your Org Ready: Summer ’26 Admin Highlights

Master Custom Batch Sizes for Schedule-Triggered Flows

#HowTo #NewReleaseUpdate #Salesforce #SalesforceAdmins #SalesforceDevelopers #Summer26 #Tutorial

#tutorial #summer26 #salesforcedevelopers #salesforceadmins #salesforce #newreleaseupdate

Brad Detchevery @[email protected] · 2026-05-14 · 14:56 UTC

Salesforce is putting out several important security updates over the next few months.

one of these is relates to multi-factor authentication. Here is a video explaining this more and what it could mean for you.

#Salesforce #mfa #security

https://youtu.be/cgGTTm0d9xs?si=TrIPqVu7cKyKeBUv

@b0rk
@hak5
@JohnHammond
@patrickcmiller
@lovelacecoding

#salesforce #mfa #security

Daniel Walker @[email protected] · 2026-05-14 · 14:13 UTC

Salesforce Einstein AI: From Good Predictions to Smarter Business Decisions

Discover how Salesforce Einstein AI is transforming customer engagement with predictive intelligence, automation, and data-driven insights. Learn what bridges the gap between AI predictions and real business outcomes to improve sales, service, and customer experiences.

#Salesforce #EinsteinAI #ArtificialIntelligence #CRM #SalesforceAI #BusinessAutomation #PredictiveAnalytics

#salesforce #einsteinai #artificialintelligence #crm #salesforceai #businessautomation

Daniel Walker @[email protected] · 2026-05-14 · 14:13 UTC

Salesforce Einstein AI: From Good Predictions to Smarter Business Decisions

Discover how Salesforce Einstein AI is transforming customer engagement with predictive intelligence, automation, and data-driven insights. Learn what bridges the gap between AI predictions and real business outcomes to improve sales, service, and customer experiences.

#Salesforce #EinsteinAI #ArtificialIntelligence #CRM #SalesforceAI #BusinessAutomation #PredictiveAnalytics

#salesforce #einsteinai #artificialintelligence #crm #salesforceai #businessautomation

Daniel Walker @[email protected] · 2026-05-14 · 14:13 UTC

Salesforce Einstein AI: From Good Predictions to Smarter Business Decisions

Discover how Salesforce Einstein AI is transforming customer engagement with predictive intelligence, automation, and data-driven insights. Learn what bridges the gap between AI predictions and real business outcomes to improve sales, service, and customer experiences.

#Salesforce #EinsteinAI #ArtificialIntelligence #CRM #SalesforceAI #BusinessAutomation #PredictiveAnalytics

#salesforce #einsteinai #artificialintelligence #crm #salesforceai #businessautomation

Daniel Walker @[email protected] · 2026-05-14 · 14:13 UTC

Salesforce Einstein AI: From Good Predictions to Smarter Business Decisions

Discover how Salesforce Einstein AI is transforming customer engagement with predictive intelligence, automation, and data-driven insights. Learn what bridges the gap between AI predictions and real business outcomes to improve sales, service, and customer experiences.

#Salesforce #EinsteinAI #ArtificialIntelligence #CRM #SalesforceAI #BusinessAutomation #PredictiveAnalytics

#predictiveanalytics #businessautomation #salesforceai #crm #artificialintelligence #einsteinai

Daniel Walker @[email protected] · 2026-05-14 · 14:13 UTC

Salesforce Einstein AI: From Good Predictions to Smarter Business Decisions

Discover how Salesforce Einstein AI is transforming customer engagement with predictive intelligence, automation, and data-driven insights. Learn what bridges the gap between AI predictions and real business outcomes to improve sales, service, and customer experiences.

#Salesforce #EinsteinAI #ArtificialIntelligence #CRM #SalesforceAI #BusinessAutomation #PredictiveAnalytics

#salesforce #einsteinai #artificialintelligence #crm #salesforceai #businessautomation

Florian @[email protected] · 2026-05-14 · 14:12 UTC

Ok I am truly sorry to be that guy. BUT:

Can we PLEASE, leave the "#AI improves #accessibility" talks to people who actually benefit from #accessibility?

I see SO MANY articles, On LinkedIn, on Slack, on Medium, about how AI improves #accessibility metrics, compliance, automates all the things.

Newsflash: your metrics are likely incomplete or inconclusive, compliance is at best an illusory snapshot, and automation for #accessibility is still a pipe dream, and that's coming from someone who actually uses these tools OUTSIDE a presentation room.

I don't care if you're #microsoft, #salesforce or whichever other big name that makes you feel authoritative. You're wrong, sorry to say.

Want ACTUAL stories from ACTUAL people using #AI to improve #accessibility? Hire me and I'll talk your ear off. That's been me for months now.
Don't want to, right before #GAAD? Welp ... that tells its own story then, doesn't it?

#accessibility #microsoft #salesforce #ai #gaad

Florian @[email protected] · 2026-05-14 · 14:12 UTC

Ok I am truly sorry to be that guy. BUT:

Can we PLEASE, leave the "#AI improves #accessibility" talks to people who actually benefit from #accessibility?

I see SO MANY articles, On LinkedIn, on Slack, on Medium, about how AI improves #accessibility metrics, compliance, automates all the things.

Newsflash: your metrics are likely incomplete or inconclusive, compliance is at best an illusory snapshot, and automation for #accessibility is still a pipe dream, and that's coming from someone who actually uses these tools OUTSIDE a presentation room.

I don't care if you're #microsoft, #salesforce or whichever other big name that makes you feel authoritative. You're wrong, sorry to say.

Want ACTUAL stories from ACTUAL people using #AI to improve #accessibility? Hire me and I'll talk your ear off. That's been me for months now.
Don't want to, right before #GAAD? Welp ... that tells its own story then, doesn't it?

#accessibility #microsoft #salesforce #ai #gaad

Florian @[email protected] · 2026-05-14 · 14:12 UTC

Ok I am truly sorry to be that guy. BUT:

Can we PLEASE, leave the "#AI improves #accessibility" talks to people who actually benefit from #accessibility?

I see SO MANY articles, On LinkedIn, on Slack, on Medium, about how AI improves #accessibility metrics, compliance, automates all the things.

Newsflash: your metrics are likely incomplete or inconclusive, compliance is at best an illusory snapshot, and automation for #accessibility is still a pipe dream, and that's coming from someone who actually uses these tools OUTSIDE a presentation room.

I don't care if you're #microsoft, #salesforce or whichever other big name that makes you feel authoritative. You're wrong, sorry to say.

Want ACTUAL stories from ACTUAL people using #AI to improve #accessibility? Hire me and I'll talk your ear off. That's been me for months now.
Don't want to, right before #GAAD? Welp ... that tells its own story then, doesn't it?

#gaad #ai #salesforce #microsoft #accessibility

Florian @[email protected] · 2026-05-14 · 14:12 UTC

Ok I am truly sorry to be that guy. BUT:

Can we PLEASE, leave the "#AI improves #accessibility" talks to people who actually benefit from #accessibility?

I see SO MANY articles, On LinkedIn, on Slack, on Medium, about how AI improves #accessibility metrics, compliance, automates all the things.

Newsflash: your metrics are likely incomplete or inconclusive, compliance is at best an illusory snapshot, and automation for #accessibility is still a pipe dream, and that's coming from someone who actually uses these tools OUTSIDE a presentation room.

I don't care if you're #microsoft, #salesforce or whichever other big name that makes you feel authoritative. You're wrong, sorry to say.

Want ACTUAL stories from ACTUAL people using #AI to improve #accessibility? Hire me and I'll talk your ear off. That's been me for months now.
Don't want to, right before #GAAD? Welp ... that tells its own story then, doesn't it?

#accessibility #microsoft #salesforce #ai #gaad

Vrinda International @[email protected] · 2026-05-11 · 11:22 UTC

🚀 Hiring Alert | Business Analyst – Insurance Domain

INTERESTED CANDIDATE CAN APPLY ON - https://zurl.co/xZ8ag
#Hiring #BusinessAnalyst #InsuranceDomain #Qlik #Salesforce #SQL #Snowflake #DataAnalytics #BusinessIntelligence

#hiring #businessanalyst #insurancedomain #qlik #salesforce #sql

Vrinda International @[email protected] · 2026-05-11 · 11:22 UTC

🚀 Hiring Alert | Business Analyst – Insurance Domain

INTERESTED CANDIDATE CAN APPLY ON - https://zurl.co/xZ8ag
#Hiring #BusinessAnalyst #InsuranceDomain #Qlik #Salesforce #SQL #Snowflake #DataAnalytics #BusinessIntelligence

#hiring #businessanalyst #insurancedomain #qlik #salesforce #sql

Vrinda International @[email protected] · 2026-05-11 · 11:22 UTC

🚀 Hiring Alert | Business Analyst – Insurance Domain

INTERESTED CANDIDATE CAN APPLY ON - https://zurl.co/xZ8ag
#Hiring #BusinessAnalyst #InsuranceDomain #Qlik #Salesforce #SQL #Snowflake #DataAnalytics #BusinessIntelligence

#hiring #businessanalyst #insurancedomain #qlik #salesforce #sql

Vrinda International @[email protected] · 2026-05-11 · 11:22 UTC

🚀 Hiring Alert | Business Analyst – Insurance Domain

INTERESTED CANDIDATE CAN APPLY ON - https://zurl.co/xZ8ag
#Hiring #BusinessAnalyst #InsuranceDomain #Qlik #Salesforce #SQL #Snowflake #DataAnalytics #BusinessIntelligence

#businessintelligence #dataanalytics #snowflake #sql #salesforce #qlik

Vrinda International @[email protected] · 2026-05-11 · 11:22 UTC

🚀 Hiring Alert | Business Analyst – Insurance Domain

INTERESTED CANDIDATE CAN APPLY ON - https://zurl.co/xZ8ag
#Hiring #BusinessAnalyst #InsuranceDomain #Qlik #Salesforce #SQL #Snowflake #DataAnalytics #BusinessIntelligence

#hiring #businessanalyst #insurancedomain #qlik #salesforce #sql

LilMikeSF @[email protected] · 2026-05-08 · 15:50 UTC

#Canvas login portals for 15,000 institutions, including top universities like Harvard and Oxford, has exfiltrated 3.65 terabytes of student and faculty data in their boldest attempt at monetizing stolen data since announcing itself as #ShinyHunters in 2020.

This massive black hat #BigEdu data security attack runs alongside concurrent supply chain grift attacks on corporate players like #Vimeo #WynnResorts #Snowflake and #Zara, exposing critical flaws in #EdTech & #Corporate #InfoSec partcularly protocol for third-party vendor trust.

The nefarious #ShinyHunters cabal has infiltrated over 400+ organizations in #SAAS & #DRM data breaches including #Google #Salesforce #Workday, #Crunchbase, #Gucci, #Coinbase, and #Qantas airlines not to mention so called "Security" professionals such as #CrowdStrike and #ADT

https://www.pcmag.com/news/video-platform-vimeo-hacked-by-shinyhunters-gang

https://www.docontrol.io/blog/shinyhunters

https://www.securityweek.com/wynn-resorts-says-21000-employees-affected-by-shinyhunters-hack/

https://www.reco.ai/blog/shinyhunters-data-breach-vs-saas-why-dynamic-security-matters

#canvas #shinyhunters #bigedu #vimeo #wynnresorts #snowflake

LilMikeSF @[email protected] · 2026-05-08 · 15:50 UTC

#Canvas login portals for 15,000 institutions, including top universities like Harvard and Oxford, has exfiltrated 3.65 terabytes of student and faculty data in their boldest attempt at monetizing stolen data since announcing itself as #ShinyHunters in 2020.

This massive black hat #BigEdu data security attack runs alongside concurrent supply chain grift attacks on corporate players like #Vimeo #WynnResorts #Snowflake and #Zara, exposing critical flaws in #EdTech & #Corporate #InfoSec partcularly protocol for third-party vendor trust.

The nefarious #ShinyHunters cabal has infiltrated over 400+ organizations in #SAAS & #DRM data breaches including #Google #Salesforce #Workday, #Crunchbase, #Gucci, #Coinbase, and #Qantas airlines not to mention so called "Security" professionals such as #CrowdStrike and #ADT

https://www.pcmag.com/news/video-platform-vimeo-hacked-by-shinyhunters-gang

https://www.docontrol.io/blog/shinyhunters

https://www.securityweek.com/wynn-resorts-says-21000-employees-affected-by-shinyhunters-hack/

https://www.reco.ai/blog/shinyhunters-data-breach-vs-saas-why-dynamic-security-matters

#adt #crowdstrike #qantas #coinbase #gucci #crunchbase

LilMikeSF @[email protected] · 2026-05-08 · 15:50 UTC

#Canvas login portals for 15,000 institutions, including top universities like Harvard and Oxford, has exfiltrated 3.65 terabytes of student and faculty data in their boldest attempt at monetizing stolen data since announcing itself as #ShinyHunters in 2020.

This massive black hat #BigEdu data security attack runs alongside concurrent supply chain grift attacks on corporate players like #Vimeo #WynnResorts #Snowflake and #Zara, exposing critical flaws in #EdTech & #Corporate #InfoSec partcularly protocol for third-party vendor trust.

The nefarious #ShinyHunters cabal has infiltrated over 400+ organizations in #SAAS & #DRM data breaches including #Google #Salesforce #Workday, #Crunchbase, #Gucci, #Coinbase, and #Qantas airlines not to mention so called "Security" professionals such as #CrowdStrike and #ADT

https://www.pcmag.com/news/video-platform-vimeo-hacked-by-shinyhunters-gang

https://www.docontrol.io/blog/shinyhunters

https://www.securityweek.com/wynn-resorts-says-21000-employees-affected-by-shinyhunters-hack/

https://www.reco.ai/blog/shinyhunters-data-breach-vs-saas-why-dynamic-security-matters

#canvas #shinyhunters #bigedu #vimeo #wynnresorts #snowflake

Leanpub @[email protected] · 2026-05-08 · 01:45 UTC

New 📚 Release! Mastering Salesforce Sales Cloud: Building Your Sales Pipeline from Scratch by Konstantin Kapitanov

PART I - Sales Cloud for Sales Managers

and Sales Reps,

PART II - Sales Cloud for Product Owners, IT Managers, and Admins

Find it on Leanpub!

Link: https://leanpub.com/masteringsalesforce

#books #salesforce #sales #career #success #newrelease

Andy Engin Utkan @[email protected] · 2026-05-06 · 16:47 UTC

How Salesforce Will Secure Your Org Against Hackers

Security and convenience are almost always inversely correlated. Making something more secure inherently makes it harder to access, which creates real friction for everyday users. This tension is nothing new. Hackers have always sought unauthorized access to systems, but historically, the barriers were high: computers were expensive and internet access was scarce. This is no longer true.

This battle front has always favored attackers. Security teams must successfully defend against every single intrusion attempt, while hackers only need to succeed once. A single breach can cause significant damage.

What’s changed is the scale and speed of attacks. AI has dramatically lowered the barrier to entry, enabling hackers to probe far more systems, far more frequently than ever before.

Recently, several Salesforce customers experienced significant system breaches involving their Salesforce instances, most notably those tied to the ShinyHunters cybercriminal group. What made these incidents particularly damaging was that the compromised accounts belonged to users with elevated access, including admins and developers. Salesforce denied responsibility and took limited action, largely confining its response to informing and educating the ecosystem about the risks of phishing and vishing attacks.

It seems like that is about to change. Big time.

Salesforce decided to enforce multiple security controls starting June-August 2026 to prevent credential theft, data exfiltration, and account takeovers. IP range restrictions originally planned are no longer being mandated, but MFA for all employee users, phishing-resistant MFA for admins, auto-containment for high-risk connections, and step-up authentication for reports will be enforced.

This means your life is about to get more difficult, especially if you have elevated access typically used by admins, developers and architects.

The New Security Direction by Salesforce

MFA exemption permission restricted: The “Waive Multifactor Authentication for Exempt Users” permission will be removed except for justified cases (automation/testing users) requiring support approval.
New permission set required: “Modify Transaction Security Policy” permission set introduced. Users need both the new “Modify Transaction Security Policy” permission AND the existing “Customize Application” permission to manage TSPs. Users with only the Customize Application permission will be downgraded to read-only access for TSPs.
IP range restriction enforcement removed: The requirement to use IP ranges on profiles and the “enforce login ranges on every request” setting will not be mandated, though strongly recommended for customers who can implement them.
Staggered rollout approach: Enforcement timelines extended and staggered by instance to minimize customer disruption.

Security Controls Being Enforced

Auto-Containment Measures

High-risk IP blocking was expanded April 24th to include all connected app and API traffic from anonymizing VPNs, proxies, and high-risk IP addresses; users are contained automatically with admin notifications. Extended login anomaly containment applies to all internal user login behavior (excluding external/community users) and focuses on detecting suspicious login patterns. There is no allow-list override, meaning even allow-listed IP addresses will be contained if classified as high-risk at connection time. There are also AWS integration issues under active investigation, with some AWS IP addresses being incorrectly flagged and the issue currently being resolved.

MFA Requirements

All Employee Users:

MFA is required for all employee license users, excluding Experience Cloud and external users. Enforcement is handled via locked settings, so admins cannot disable it. API-only logins are exempt, as the requirement applies exclusively to UI logins. For SSO, providers must pass AMR/ACR signals indicating strong or phishing-resistant MFA.

Timeline: Sandboxes June 22-29; Production July 20-August 17

Admins and Privileged Users:

Phishing-resistant MFA is required for users with elevated privileges, specifically those on the default Sys Admin profile or holding Modify All Data, View All Data, Customize Application, or Author Apex permissions. This standard is stricter than standard MFA, and mobile authenticator apps do not meet the threshold. Only security keys and built-in authenticators or passkeys qualify.

Timeline: Sandboxes June 22-29; Production July 1-27

Email Domain Verification

DKIM or authorized email domain verification is required for all email sending domains (this was previously announced). Enforcement is being rolled out on a staggered timeline; check the timeline knowledge article for the latest dates. A tool is also available to verify compliance status.

Step-Up Authentication for Reports

Time-Based Session Policy:

Additional authentication required when users spend considerable time on reports.
Admins can configure the “Require step-up authentication within cool-down period” session-level policy to an exact cadence between 2 and 120 minutes (with 120 minutes being the default); logging in with MFA does not reset timer.
Verification methods: Users can use any supported MFA method, including Passkeys, Security Keys, Salesforce Authenticator, and third-party TOTP apps. The email and SMS One-Time Password (OTP) options are specifically fallback challenges for Single Sign-On (SSO) users who do not have a Salesforce MFA method registered.
Report access blocked if authentication fails (UI only, not API).
Timeline: Available May 27 (sandbox/production); Enforced June 3 (sandbox), June 10-July 4 (production).

Anomalous Behavior Detection:

ML-based detection triggers authentication when unusual report viewing/downloading behavior detected.
Users must configure at least one verification method (authenticator app, phone, email) or report access blocked.
Timeline: Enforced June 22 (sandbox), July 13 (production).

Transaction Security Policy Enhancements (Shield/Event Monitoring customers only):

Step-up authentication required when downloading >10,000 records from reports.
Required for any create/update/delete/enable/disable operations on transaction security policies.
Timeline: Available June 1 (sandbox), June 15 (production); Enforced June 22 (sandbox), July 13 (production).

Additional Considerations

Mobile SDK Lockout Risk for Admins: Warning for admins using the Salesforce Mobile App or custom Mobile SDK apps. Mobile SDK version 13.2.0 and earlier does not support phishing-resistant MFA. Admins using these older versions will be blocked from logging in unless their org pre-configures advanced authentication in My Domain, or until they utilize the new “Login for Admins” browser-based flow arriving in Mobile SDK 13.2.1

Impact on “Waive MFA” Permission: Please note the exact behavior of the “Waive Multi-Factor Authentication for Exempt Users” permission. After enforcement, this permission will no longer automatically waive the MFA requirement; users with this permission will actually be prompted to enroll in MFA in the UI. To restore this exemption for valid testing/automation tools, admins must proactively contact Salesforce Support for approval.

Passwordless Login Recommendation: Please note the best-practice recommendation of enabling “Allow passwordless login with passkeys”. This allows users (especially privileged admins) to meet the strict phishing-resistant MFA requirement by simply logging in with their username and a biometric passkey or security key, bypassing the need for a password and streamlining their experience.

Trial Org Grace Period: Note that Trial Orgs converted to a paid subscription will no longer receive a 30-day grace period to comply with the MFA requirement.

MFA Edge Cases and Exceptions

Experience Cloud and Community users are completely exempt from this specific MFA login mandate. API-only users with the API-only permission assigned are exempt from MFA, as the requirement applies exclusively to UI logins. For Windows SSO, check the AMR field in login history for OIDC, or use the SAML Validator tool for SAML; ignore the strong/weak classification and only verify that the signal is present. Free scratch orgs are not in scope, as MFA enforcement applies only to paid sandbox orgs. When it comes to device activation, MFA takes precedence, and completing MFA exempts users from device activation prompts. Finally, custom IDPs must follow SAML/OIDC industry standards for passing AMR/ACR signals; contact your account team or support for provider-specific nuances.

Customer Communication Plan

Knowledge articles were published, you will find the links in this post. System administrators and security contacts received email notifications on the 6th of May, 2026. Product managers will be hosting webinars on Wednesday, May 13th, with both early and late US time slots available. For the early webinar time, click here. For the later time, click here.

Action Items

Partners: Review client orgs for current VPN usage and MFA exemption permission assignments; prepare clients for June-August enforcement timelines.
Admins: Test MFA configurations in sandboxes starting June 22; ensure users have at least one verification method configured (email/SMS/authenticator).
SSO administrators: Verify AMR/ACR signals are being passed correctly using login history (OIDC) or SAML Validator tool (SAML).
Shield customers: Review transaction security policies and prepare for step-up authentication on report downloads >10,000 records and policy modifications.
All customers: Set up DKIM keys or authorized email domains; use in-app verification tool to check compliance.

Don’t Wait for Enforcement to Find Your Gaps

Salesforce’s upcoming security enforcement represents a meaningful shift in how the platform approaches user protection. For years, the responsibility fell almost entirely on customers to configure and maintain their own security posture. That’s changing. Whether you’re an admin, developer, architect, or partner, the June through August enforcement windows are closer than they appear. Audit your orgs, test your configurations in sandbox, and make sure your users are set up with the right verification methods before enforcement kicks in. The friction is real, but so is the risk it’s designed to address. See the official Salesforce documentation here.

Explore related content:

Setup with Agentforce: What Salesforce Admins Need to Know

The Salesforce DKIM Sandbox Problem, and How to Fix It

Clean Data, Smart Flows: Automating Data Cleanup in Salesforce Nonprofit Cloud

#DomainVerification #MFA #Salesforce #SalesforceTutorial #Secutiry #Tutorial

#domainverification #mfa #salesforce #salesforcetutorial #secutiry #tutorial

Andy Engin Utkan @[email protected] · 2026-05-06 · 16:47 UTC

How Salesforce Will Secure Your Org Against Hackers

Security and convenience are almost always inversely correlated. Making something more secure inherently makes it harder to access, which creates real friction for everyday users. This tension is nothing new. Hackers have always sought unauthorized access to systems, but historically, the barriers were high: computers were expensive and internet access was scarce. This is no longer true.

This battle front has always favored attackers. Security teams must successfully defend against every single intrusion attempt, while hackers only need to succeed once. A single breach can cause significant damage.

What’s changed is the scale and speed of attacks. AI has dramatically lowered the barrier to entry, enabling hackers to probe far more systems, far more frequently than ever before.

Recently, several Salesforce customers experienced significant system breaches involving their Salesforce instances, most notably those tied to the ShinyHunters cybercriminal group. What made these incidents particularly damaging was that the compromised accounts belonged to users with elevated access, including admins and developers. Salesforce denied responsibility and took limited action, largely confining its response to informing and educating the ecosystem about the risks of phishing and vishing attacks.

It seems like that is about to change. Big time.

Salesforce decided to enforce multiple security controls starting June-August 2026 to prevent credential theft, data exfiltration, and account takeovers. IP range restrictions originally planned are no longer being mandated, but MFA for all employee users, phishing-resistant MFA for admins, auto-containment for high-risk connections, and step-up authentication for reports will be enforced.

This means your life is about to get more difficult, especially if you have elevated access typically used by admins, developers and architects.

The New Security Direction by Salesforce

MFA exemption permission restricted: The “Waive Multifactor Authentication for Exempt Users” permission will be removed except for justified cases (automation/testing users) requiring support approval.
New permission set required: “Modify Transaction Security Policy” permission set introduced. Users need both the new “Modify Transaction Security Policy” permission AND the existing “Customize Application” permission to manage TSPs. Users with only the Customize Application permission will be downgraded to read-only access for TSPs.
IP range restriction enforcement removed: The requirement to use IP ranges on profiles and the “enforce login ranges on every request” setting will not be mandated, though strongly recommended for customers who can implement them.
Staggered rollout approach: Enforcement timelines extended and staggered by instance to minimize customer disruption.

Security Controls Being Enforced

Auto-Containment Measures

High-risk IP blocking was expanded April 24th to include all connected app and API traffic from anonymizing VPNs, proxies, and high-risk IP addresses; users are contained automatically with admin notifications. Extended login anomaly containment applies to all internal user login behavior (excluding external/community users) and focuses on detecting suspicious login patterns. There is no allow-list override, meaning even allow-listed IP addresses will be contained if classified as high-risk at connection time. There are also AWS integration issues under active investigation, with some AWS IP addresses being incorrectly flagged and the issue currently being resolved.

MFA Requirements

All Employee Users:

MFA is required for all employee license users, excluding Experience Cloud and external users. Enforcement is handled via locked settings, so admins cannot disable it. API-only logins are exempt, as the requirement applies exclusively to UI logins. For SSO, providers must pass AMR/ACR signals indicating strong or phishing-resistant MFA.

Timeline: Sandboxes June 22-29; Production July 20-August 17

Admins and Privileged Users:

Phishing-resistant MFA is required for users with elevated privileges, specifically those on the default Sys Admin profile or holding Modify All Data, View All Data, Customize Application, or Author Apex permissions. This standard is stricter than standard MFA, and mobile authenticator apps do not meet the threshold. Only security keys and built-in authenticators or passkeys qualify.

Timeline: Sandboxes June 22-29; Production July 1-27

Email Domain Verification

DKIM or authorized email domain verification is required for all email sending domains (this was previously announced). Enforcement is being rolled out on a staggered timeline; check the timeline knowledge article for the latest dates. A tool is also available to verify compliance status.

Step-Up Authentication for Reports

Time-Based Session Policy:

Additional authentication required when users spend considerable time on reports.
Admins can configure the “Require step-up authentication within cool-down period” session-level policy to an exact cadence between 2 and 120 minutes (with 120 minutes being the default); logging in with MFA does not reset timer.
Verification methods: Users can use any supported MFA method, including Passkeys, Security Keys, Salesforce Authenticator, and third-party TOTP apps. The email and SMS One-Time Password (OTP) options are specifically fallback challenges for Single Sign-On (SSO) users who do not have a Salesforce MFA method registered.
Report access blocked if authentication fails (UI only, not API).
Timeline: Available May 27 (sandbox/production); Enforced June 3 (sandbox), June 10-July 4 (production).

Anomalous Behavior Detection:

ML-based detection triggers authentication when unusual report viewing/downloading behavior detected.
Users must configure at least one verification method (authenticator app, phone, email) or report access blocked.
Timeline: Enforced June 22 (sandbox), July 13 (production).

Transaction Security Policy Enhancements (Shield/Event Monitoring customers only):

Step-up authentication required when downloading >10,000 records from reports.
Required for any create/update/delete/enable/disable operations on transaction security policies.
Timeline: Available June 1 (sandbox), June 15 (production); Enforced June 22 (sandbox), July 13 (production).

Additional Considerations

Mobile SDK Lockout Risk for Admins: Warning for admins using the Salesforce Mobile App or custom Mobile SDK apps. Mobile SDK version 13.2.0 and earlier does not support phishing-resistant MFA. Admins using these older versions will be blocked from logging in unless their org pre-configures advanced authentication in My Domain, or until they utilize the new “Login for Admins” browser-based flow arriving in Mobile SDK 13.2.1

Impact on “Waive MFA” Permission: Please note the exact behavior of the “Waive Multi-Factor Authentication for Exempt Users” permission. After enforcement, this permission will no longer automatically waive the MFA requirement; users with this permission will actually be prompted to enroll in MFA in the UI. To restore this exemption for valid testing/automation tools, admins must proactively contact Salesforce Support for approval.

Passwordless Login Recommendation: Please note the best-practice recommendation of enabling “Allow passwordless login with passkeys”. This allows users (especially privileged admins) to meet the strict phishing-resistant MFA requirement by simply logging in with their username and a biometric passkey or security key, bypassing the need for a password and streamlining their experience.

Trial Org Grace Period: Note that Trial Orgs converted to a paid subscription will no longer receive a 30-day grace period to comply with the MFA requirement.

MFA Edge Cases and Exceptions

Experience Cloud and Community users are completely exempt from this specific MFA login mandate. API-only users with the API-only permission assigned are exempt from MFA, as the requirement applies exclusively to UI logins. For Windows SSO, check the AMR field in login history for OIDC, or use the SAML Validator tool for SAML; ignore the strong/weak classification and only verify that the signal is present. Free scratch orgs are not in scope, as MFA enforcement applies only to paid sandbox orgs. When it comes to device activation, MFA takes precedence, and completing MFA exempts users from device activation prompts. Finally, custom IDPs must follow SAML/OIDC industry standards for passing AMR/ACR signals; contact your account team or support for provider-specific nuances.

Customer Communication Plan

Knowledge articles were published, you will find the links in this post. System administrators and security contacts received email notifications on the 6th of May, 2026. Product managers will be hosting webinars on Wednesday, May 13th, with both early and late US time slots available. For the early webinar time, click here. For the later time, click here.

Action Items

Partners: Review client orgs for current VPN usage and MFA exemption permission assignments; prepare clients for June-August enforcement timelines.
Admins: Test MFA configurations in sandboxes starting June 22; ensure users have at least one verification method configured (email/SMS/authenticator).
SSO administrators: Verify AMR/ACR signals are being passed correctly using login history (OIDC) or SAML Validator tool (SAML).
Shield customers: Review transaction security policies and prepare for step-up authentication on report downloads >10,000 records and policy modifications.
All customers: Set up DKIM keys or authorized email domains; use in-app verification tool to check compliance.

Don’t Wait for Enforcement to Find Your Gaps

Salesforce’s upcoming security enforcement represents a meaningful shift in how the platform approaches user protection. For years, the responsibility fell almost entirely on customers to configure and maintain their own security posture. That’s changing. Whether you’re an admin, developer, architect, or partner, the June through August enforcement windows are closer than they appear. Audit your orgs, test your configurations in sandbox, and make sure your users are set up with the right verification methods before enforcement kicks in. The friction is real, but so is the risk it’s designed to address. See the official Salesforce documentation here.

Explore related content:

Setup with Agentforce: What Salesforce Admins Need to Know

The Salesforce DKIM Sandbox Problem, and How to Fix It

Clean Data, Smart Flows: Automating Data Cleanup in Salesforce Nonprofit Cloud

#DomainVerification #MFA #Salesforce #SalesforceTutorial #Secutiry #Tutorial

#tutorial #secutiry #salesforcetutorial #salesforce #mfa #domainverification

Esparta :ruby: @[email protected] · 2026-05-05 · 00:32 UTC

gotta love when #heroku changes their CLI on-the-fly and without warnings

a few couple of hours ago I was able to filter the logs by using `--process-type=router`, the next time the option is gone. Why?

it looks like #Salesforce really hate us.

#heroku #salesforce

Jonathan Kamens 86 47 @[email protected] · 2026-04-28 · 19:16 UTC

#TFW the consultant who maintains your company's #Salesforce sets up #DKIM in Salesforce's sandbox environment and asks you to create the necessary #DNS records for it and doesn't understand why it's a problem that he used the same selectors (i.e., DNS record names) for the sandbox environment that are already being used in production.
(I'm sure he has an expert-level proficiency in Salesforce, but maybe not so much in email security.)

#tfw #salesforce #dkim #dns

Jonathan Kamens 86 47 @[email protected] · 2026-04-28 · 19:16 UTC

#TFW the consultant who maintains your company's #Salesforce sets up #DKIM in Salesforce's sandbox environment and asks you to create the necessary #DNS records for it and doesn't understand why it's a problem that he used the same selectors (i.e., DNS record names) for the sandbox environment that are already being used in production.
(I'm sure he has an expert-level proficiency in Salesforce, but maybe not so much in email security.)

#tfw #salesforce #dkim #dns

Jonathan Kamens 86 47 @[email protected] · 2026-04-28 · 19:16 UTC

#TFW the consultant who maintains your company's #Salesforce sets up #DKIM in Salesforce's sandbox environment and asks you to create the necessary #DNS records for it and doesn't understand why it's a problem that he used the same selectors (i.e., DNS record names) for the sandbox environment that are already being used in production.
(I'm sure he has an expert-level proficiency in Salesforce, but maybe not so much in email security.)

#tfw #salesforce #dkim #dns

Jonathan Kamens 86 47 @[email protected] · 2026-04-28 · 19:16 UTC

#TFW the consultant who maintains your company's #Salesforce sets up #DKIM in Salesforce's sandbox environment and asks you to create the necessary #DNS records for it and doesn't understand why it's a problem that he used the same selectors (i.e., DNS record names) for the sandbox environment that are already being used in production.
(I'm sure he has an expert-level proficiency in Salesforce, but maybe not so much in email security.)

#dns #dkim #salesforce #tfw

Jonathan Kamens 86 47 @[email protected] · 2026-04-28 · 19:16 UTC

#TFW the consultant who maintains your company's #Salesforce sets up #DKIM in Salesforce's sandbox environment and asks you to create the necessary #DNS records for it and doesn't understand why it's a problem that he used the same selectors (i.e., DNS record names) for the sandbox environment that are already being used in production.
(I'm sure he has an expert-level proficiency in Salesforce, but maybe not so much in email security.)

#tfw #salesforce #dkim #dns

Hackread.com @[email protected] · 2026-04-27 · 17:18 UTC

📢⚠️ #ShinyHunters has leaked data linked to Udemy, Zara, and 7-Eleven, with claims of exposed Salesforce records and cloud-based systems.

Read: https://hackread.com/shinyhunters-leak-udemy-zara-7-eleven-data-breach/

#CyberSecurity #DataBreach #Salesforce #Udemy

#shinyhunters #cybersecurity #databreach #salesforce #udemy

WIRED - The Latest in Technology, Science, Culture and Business [Unofficial] @[email protected] · 2026-04-27 · 10:00 UTC

Here’s How Much San Francisco Tech Companies Pay for Police Protection

https://web.brid.gy/r/https://www.wired.com/story/heres-how-much-san-francisco-tech-companies-are-paying-for-police-protection/

#business #businessbigtech #sanfrancisco #salesforce #airbnb #police

Andy Engin Utkan @[email protected] · 2026-04-26 · 03:10 UTC

11 Flow Updates in Summer 26 Release

Salesforce’s Summer ’26 release is packing some serious automation upgrades. Whether you’re managing multi-stakeholder approvals, scaling orchestration across your org, or building complex integrations without code, there’s something here worth paying attention to. This release reflects a clear pattern we’ve been watching for a few cycles now: Salesforce is steadily removing the friction points that have slowed admins down, closing permission gaps, lifting arbitrary limits, and giving teams more control over how their automations behave at runtime. The result is a platform that’s increasingly capable of handling enterprise-grade complexity without requiring enterprise-grade workarounds.

From Flow Approval Processes to Flow Actions, the Summer ’26 automation updates touch a wide range of use cases. Some of these changes are straightforward quality-of-life wins. Others, like Flow Orchestration becoming a standard feature, are the kind of thing that unlocks a lot of value for orgs that have been holding back. Here are the Flow highlights of with Summer ’26.

More of a visual learner? Watch our full walkthrough below:

Flow Builder Updates

Summer ’26 brings a substantial set of improvements to Flow Builder itself, covering everything from AI integration to canvas usability to deployment reliability.

1. Custom Batch Sizes for Scheduled Flows

Scheduled flows now support custom batch sizes ranging from 1 to 200, configurable directly from the flow’s start element. Previously, scheduled flows always processed interviews in the default batch size of 200, which could exhaust resources in complex automations. Smaller batches give you more control over performance and reduce the risk of hitting governor limits, though setting them too low can increase overall processing time.

2. Create and Configure Agentforce Agents Without Leaving Flow Builder

A new Create Agent element lets you add AI-powered agents directly from the Flow Builder canvas. You can select from existing agents or build task-specific ones with custom instructions and actions, all without switching between tools. This makes it considerably easier to build intelligent automation without jumping in and out of multiple setup areas.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_builder_create_agent_in_flow_builder.htm&release=262&type=5

AI Agent Actions Now Use the Create Agent Element: Existing flows that contain AI Agent actions will automatically have those actions converted to the new Create Agent element when opened, with original agent configuration preserved. This aligns the experience with the new way of working with Agentforce agents in Flow Builder.

3. Email Template References That Survive Deployment

The Send Email action now stores email templates as a persistent reference rather than a template ID. Since template IDs change when a flow moves between orgs, the old behavior regularly broke Send Email actions after deployment and required manual fixes. That problem is gone.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_builder_persist_email_template_references_across_environments.htm&release=262&type=5

4. Date Operators in Decision Logic

Twenty new date operators are now available for use in Decision elements when a condition uses a date data type. Options include Is Today, Is Tomorrow, Is Yesterday, Is This Month, Is Anniversary of Today, Last Number of Days, Next Number of Months, and more. These let you model recency and milestone logic directly in your decision branches without relying on formula workarounds.

Screen Flow Updates

Screen flows are getting some of the most visible improvements in Summer ’26, from AI-assisted editing to better component styling to long-overdue data table upgrades.

5. Update Screen Flows with Natural Language Prompts

Generative AI support for flow modification is expanding to screen flows. Using the Agentforce panel, you can now describe changes in plain language to add, remove, or modify screen and action elements without manually adjusting logic in Flow Builder. This brings screen flows in line with the other flow types that already supported AI-assisted iteration.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_builder_update_screen_flows_with_natural_language_prompts.htm&release=262&type=5

6. Display Record Names and Links in Data Table Lookup Columns

Data table columns tied to lookup fields can now show a human-readable record name at runtime instead of a raw Salesforce ID. You can also configure that name as a hyperlink that opens the related record in a new browser tab. No more workarounds to surface clickable record names in a data table.

7. Add Static Resource Images Directly from Flow Builder (Now GA)

Previously in beta, the ability to browse and upload static resource images from within the Display Text component is now generally available. The updated two-step process lets you search for existing images, upload new ones, and add alternate text without ever leaving Flow Builder.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_screens_find_and_upload_static_resource_images_from_the_display_text.htm&release=262&type=5

8. Radio Button Groups in Screen Flows

A new Radio Button Group component presents choices as horizontally stacked options on desktop and vertically stacked on mobile, offering a more compact and scannable alternative to traditional radio buttons, checkboxes, or picklists. Users still select a single option at runtime, but the layout reduces scrolling and feels more modern.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_screens_save_screen_space_with_radio_button_groups_in_screen_flows.htm&release=262&type=5

Flow Actions Updates

Flow actions are getting cleaner, more flexible, and easier to configure across the board in Summer ’26.

9. New Action Input Methods

Formula Mode for Action Inputs

You can now write formulas directly in action input parameters without creating separate formula resources. Select Formula mode in the Action element property panel, preview the formula inline, and edit it at any time. This reduces clutter and keeps your flow canvas easier to read.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_builder_use_formula_mode_for_action_inputs.htm&release=262&type=5

Transform Mode for Action Inputs

Similarly, Transform mode lets you define data transformations directly within the Action property panel, eliminating the need to add a separate Transform element for data mapping tasks. Fewer elements, cleaner flows.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_builder_use_transform_mode_for_action_inputs.htm&release=262&type=5

Set Field Values Directly for Apex-Defined Inputs

Apex-defined input parameters can now be set directly in the action property panel, with each field appearing as its own input. This removes the need to create separate variables and assign values to them before passing them into an action.

Optional Apex Action Inputs No Longer Show the Include Toggle

Flow Builder now hides the Include toggle for optional Apex action input parameters, simplifying the configuration experience. Required parameters are still marked with a red asterisk, and parameters with default values still show an Override toggle.

Flow Testing and Debugging

Summer ’26 also brings meaningful upgrades to how you test, debug, and troubleshoot flows.

10. Troubleshoot and Fix Flow Errors with Agentforce (Beta)

A new Ask Agentforce beta feature lets you use generative AI to diagnose both design-time issues in saved flows and runtime failures in active flows. You can identify root causes and understand remediation options in plain language, and use the Fix Issue option to let AI automatically apply the fix.

To get started with the Agentforce side panel in Flow Builder, you’ll need to provision and enable Data 360, turn on Agentforce from the Agentforce Agents section in Setup, and enable Einstein generative AI. Once that’s done, open any flow, launch the Einstein side panel, and click Migrate to Agentforce. Note that the Einstein AI assistant is being retired, so if you’re currently using it to summarize, modify, or debug flows, migrating to Agentforce is the path forward.

Source: https://help.salesforce.com/s/articleView?id=release-notes.rn_automate_flow_builder_troubleshoot_and_fix_flow_errors_with_agentforce_beta.htm&release=262&type=5

11. Flow Approvals

Unanimous Approval and Dependency Visibility for Approvals

Two meaningful upgrades are coming to Flow Approval Processes this summer.

First, approval steps assigned to groups can now require unanimous consent before moving forward. When unanimous approval is configured, every group member receives their own work item, and the step only advances if everyone approves. A single rejection closes the step and withdraws any pending work items for other members. This replaces the previous workaround of creating a separate step for each individual approver, which was a real pain point for compliance-heavy or multi-stakeholder review workflows. One thing to keep in mind: work items in unanimous approval steps cannot be reassigned.

Second, dependency visibility is no longer gated behind the Manage Flow permission. Users with the Approval Designer permission can now see flow dependencies for their approval processes directly in the Approvals app. Previously, only admins with Manage Flow had access to that view.

Both changes apply to Lightning Experience in Enterprise, Performance, Unlimited, Einstein 1, and Developer editions.

UI Improvements

Collapse Fault Paths on the Canvas

Following Spring ’26’s ability to collapse Decision and Loop elements, you can now collapse fault paths too. Hide them when you’re focused on the main flow logic and expand them only when you need to review or edit. Canvas layout state is saved per browser, so your view stays personal.

Redesigned Validation Panel

The validation panel has been redesigned to stay closed by default when you open a draft flow, so it’s no longer interrupting you before you’re ready to review issues. When you do open it, errors and warnings are organized into cards grouped by element. Clicking a card title opens that element’s property panel directly, and consistent validation patterns across all elements make error handling more predictable.

Styling Overrides for More Screen Flow Components

The list of screen flow components that support styling customization is expanding. New additions include Action Button, Address, Choice Lookup, Dependent Picklists, Email, Lookup, Name, Phone, Slider, Toggle, and URL.

Visualize the Execution Path When Testing Screen Flows

After manually testing a screen flow, the canvas now highlights the path the flow took, including every element touched during execution. The execution path displays when the flow reaches a Completed, Paused, Waiting, or Error state. Previously, the flow test finished without any visual indication of the path it followed.

Various Other Improvements

Centralize Value Mapping Management: A new MuleSoft for Flow Integration feature that allows you to manage and track all value translation lookups in one location.
Visual Flow Version Comparison: The ability to visually identify version changes side-by-side on the canvas, including a detailed breakdown of changes made to Transform element.
Element Error Rate Column: A new column in the Flows list view that allows admins to triage issues by displaying the percentage of elements that failed during a flow’s last execution.
Add Prompt Instructions Resource Picker: An enhanced resource picker for template-triggered prompt flows that groups resources and uses intuitive icons.
Flow Orchestration Is Now a Standard Feature: This one is a big deal. As of the Spring ’26 release (week of February 16, 2026), Flow Orchestration runs are included in applicable editions with no usage-based caps. Previously, orgs were subject to entitlement limits on orchestration runs, which created friction for teams trying to scale multi-step automated processes. That ceiling is gone. Available in Enterprise, Performance, Unlimited, Einstein 1, and Developer editions.

Conclusion

Summer ’26 delivered a few key features flownatics have been asking for. Schedule-triggered flow batch size setting was on my personal wish list. The data table improvements brought the out-of-the-box data table functionality closer to the UnofficialSF screen component. I would love to see more popular updates delivered from the IdeaExchange in the coming releases.

If you’re exploring any of these updates, we’d love to hear what you’re building.

Explore related content:

Get Your Org Ready: Summer 26 Admin Highlights

Beyond the URL Button: The Salesforce Request Approval Lightning Component

6 Key Takeaways from TDX26

#Automation #NewRelease #Salesforce #Summer #Tutorials #Updates

#automation #newrelease #salesforce #summer #tutorials #updates