How to restrict @AuraEnabled method access for Authenticated users
As we all know security is always the number 1 priority for Salesforce, so there is a critical update coming to all of our Salesforce environments. This will change the way we provide access to AuraEnabled Apex methods. From this post, you can expect -What problem this update is going to solve?When can we expect this update in our environments?Show me the problemShow me the solution(s)Show me all the places where I need to make this changeWhat problem this update is going to solve?When we write our Lightning Component or Lightning Web Component today, for any type of server operation, we write Apex classes and annotate the method with @AuraEnabled. We don’t have an option today to restrict the access to our AuraEnabled methods today. That is why Salesforce came up with this important critical update where you need to specify who can access your AuraEnabled methods. I will explain this update with one example later in this post.When can we expect this update in our environments?This update “Restrict @AuraEnabled Apex methods to authenticated users” came as part of Salesforce’s Winter ’20 release. Enforcement will start on August 9th, 2020.Show me the problemLet’s say we have this below Lightning Web Component where we pass a string to the AuraEnable controller class and then class return list of Contacts. Finally component is going to display the list of contacts. Below is the...
Read More