Salesforce Release

Winter ’21 Community Highlights


The list of Winter ’21 features below apply to Community enhancements.

There are additional Winter ’21 features available to Salesforce Classic only, Lightning Experience and Salesforce Classic, Lightning Experience only, Mobile Enhancements, Other Enhancements in the Winter ’21 Release Highlights post.

Note: These features are not listed in any specific order.

1.Lightning Community Enhancements:

  • Allow Inline Scripts and Script Access to Any Third-party Host CSP Setting Will Be Removed In Spring ’21. If your community was created before Spring ’19 and you are currently usig this setting, you should start preparing for this change. You should change it to either Strict CSP: Block Access to Inline Scripts and All Hosts or Relaxed CSP: Permit Access to Inline Scripts and Allowed Hosts.
  • Organize Your Pages and Page URLs in Your Own Pages Menu in Experience Builder.
  • Show Content on the Record Detail Page Using Audience Criteria Based on Record Fields. This applies to Account, Asset, Campaign, Case, Contact, Contract, Lead, Opportunity, Product2, ProductCategory, Quote, Custom Objects and any object with at least one record type.
  • Users Can Print a List or Record Detail Page using Printable View.
  • Provide External Users the Ability to Switch to Other External Accounts using the Account Switcher Component. The user can use Authorized Access, to manage permission sets for other users, reset passwords, and activate, deactivate, or add members to the target account.
  • Topic ID Field is Being Added Back to Topics Components. This was removed in Spring 20 and is being added back in.
  • Allow External Users to Use SMS as a Multi-Factor Authentication Method.
  • Trusted Site Paths for Lightning Communities Are Case-Sensitive.

2. You Can Now Use lightning:hasPageReference for Action Overrides, and Default Field Values in lightning:navigation.

3. Allow Community Users, Customer and Partners to Verify Their Identities Using SMS. Contact Customer Support to enable SMS multi-factor authentication. Then enable Let external users verify their identity by text (SMS) on their profile or via permission sets.

4. (Update) Require Community Users, Partners and Customers to Confirm Email Address Changes. This will be enforced in Spring ’21. However, you can disable the setting.

5. Customize the Community Email Address Change Verification Emails. In Setup, go to Classic Email Templates and select either the Communities: New Email – Change Email Verification or the Communities: Old Email – Change Email Verification

6. Guest User Security Policies Enforced:

  • Secure Guest User Record Access Can’t Be Disabled. This enforces private OWD for guest users and mandates you use guest user sharing rules to grant record access. Note: You cannot add guest users to groups or queues or grant guest users record access through manual sharing or Apex managed sharing.
  • (Previously Released Update) Automatically Assign Records Created by Guest Users to a Default Owner. When a guest user creates a record, the record ownership will be assigned to a default active user in the org.
  • Guest Users will No Longer Have View All Data, Modify All Data, Edit and Delete Object Permissions in Existing Orgs.
  • (Previously Released Update) Opt Out of Enforcing Guest User Object Permission Changes. You can opt out (for the Winter ’21 Release only) of the removal of edit, delete, Modify All Data, and View All Data for custom objects and edit, delete, Modify All Data, and View All Data for the following standard objects: Order, Contract, Survey Response, ProfileSkillUser, and ProfileSkillEndorsement. Note: After your production org upgrades to Winter ’21, you will not be able to activate this update.
  • (Previously Released Update, Enforced) View All Users Permission to be Removed in Guest User Profiles in Spring ’21. The View All Users permission will be removed from all guest user profiles with the Spring ’21 release.
  • Let Guest Users See Other Members of This Community Setting Disabled. This setting is disabled by default in all Production orgs with active communities that has at least one community created before the Winter ’20 release. Salesforce recommends that you evaluate whether this access is needed. To enable access, access your community’s Workspaces, and enable the setting under Administration | Preferences.

7. New Images Associated to Topics are Now Private. New images associated with featured and navigational topics are stored as private asset files. To allow guest users to see these new images in your community, select Let guest users view asset files and CMS content available to the community in Administration | Preferences in Experience Workspaces. If you do not want the images uploaded prior to Winter ’21 to be public, you will need to delete the images and upload them again in Content Management | Topics in Experience Workspaces.

8. Override Entity Permissions When Using <apex:inputField>. The new ignoreEditPermissionForRendering attribute on <apex:inputField> bypasses entity edit permissions and field-level security edit checks. Note: This attribute works only with a custom controller in without sharing mode.