As a Salesforce customer, you may have received emails from Salesforce recently notifying you of changes coming into effect that will possibly impact your org in the Winter ’25 release, starting in September 2024.

In this post we’ve tried to go through the changes and give you a quick view of the changes, provided links to additional information should you need it. It does mean that this is a long blog post, so perhaps grab a beverage before settling in.

Area Change What does this mean? What do I need to do?  More Info?
Salesforce Knowledge Turn On Lightning Article Editor and Article Personalization for Knowledge When editing in Salesforce Knowledge you will gain the ability to show or hide fields based on the user, permissions or record criteria. You can test the new functionality out in the Sandbox by enabling the release. 
Please note that once this is enabled in Live that you review all articles to ensure that they still render as desired. 
Turning on Lightning Article Editor
Field Service Migrate from Maintenance Plan Frequency Fields to Maintenance Work Rules If you are using Field Service and the Frequency and Frequency Type fields on the Maintenance Plan, then you need to prepare for this update.

You’ll need to migrate these to Maintenance Work Rules as those fields are being retired.

In a Sandbox, use the Impacted Maintenance Plans table, and update each to use a Maintenance Work Rule instead. Test and then recreate in live.  Migrate from Maintenance Plan
User permissions Restrict User Access to Run Flows Moving forward users will need the Run Flows or Manage Flows permission to be able to use flow automation.

These 2 options will make the existing Flow User checkbox on the user record redundant.

You will need to review who has Run Flow.

Then make a decision on which users need to be Run and which users will need to Run and Manage Flows, before updating accordingly.

Restrict User Access to Run Flows
User permissions Enforce View Roles and Role Hierarchy Permission When Editing Public List View Visibility Salesforce here are trying to ensure that permissions sets are set up appropriately, so if a user has the ability to create Views and share them with other but they do not have the View Roles and Role Hierarchy permission they wont be able to moving forward.   Review profiles and permission sets updating where needed. Enforce View Roles & Role Hierarchy
Email Communication Create and Verify Your Default No-Reply Organization-Wide Email Address to Send Email If emails are being sent from Salesforce by users or automation, then you’ll need to prepare for this update; otherwise, emails may fail to be sent in the future.

We recommend that as this email address may be visible to your clients and users, so choose something appropriate (e.g. notifications@companyname.com).

In a Sandbox, set up an org-wide address, which you then verify by pressing the link from Salesforce.

An org-wide address is not deployable, so you’ll need to do this for each environment and production individually.

Create Default No-Reply Org-Wide Email Address
User Experience End of Redirection URLS (we reached out about this back in March) In short, this change could mean that items with a hard-coded URL(s) (e.g. to a record in Salesforce) in an old style, they will no longer work from September 2024. Impacting items such as Email Templates, Email Signatures, Links, Fields using a URL, etc.  If you engaged in our services and had the solution deployed to production you have nothing more to do. Otherwise:

  • Search the metadata of our org, to identify the areas of impact
  • Evaluate if the impacted areas are still needed
  • Updated the impacted items 
Prepare for the End of Redirections for Non-Enhanced Domains 

Salesforce Enhanced Domains FAQ

User Experience Adopt Updated Content Security Policy (CSP) Directives So if your Salesforce org is trying to get fonts, images, or iframe content, these may be blocked. Identify all URLs used and add them to the Trusted URL logs. CPS Directives
Approval Processes Prevent Guest User from Editing or Deleting Approval Requests If you have an approval process that needs a guest user to be able to edit, reassign, or delete approval requests, these actions won’t work post-release. Guest users are still able to approve or reject an approval request. In a sandbox walk through your approval process as a Guest user to identify the impact. Prevent Guest User from Editing or Deleting
Automation Enforce Sharing Rules when Apex Launches a Flow If you have code triggering a Flow (both custom code or installed packages), then this update could impact you. Identify a list of references in your custom code or managed packages code.

In a sandbox enable this feature and test the functionality to ensure it still runs as intended.

Then deploy any changes to live and ask key users to test the functionality.

Enforce Sharing Rules (Apex launched Flow)
Integrations Use REST API for Access to External Client App OAuth Consumer Credentials If you are using the Metadata API to access External Client App OAuth consumer credentials, then you will be impacted by this update.  

Salesforce want people to change over to accessing these credentials via the Connect REST API instead to improve security. 

You can be made exempt from this update if you contact Salesforce support.

In a sandbox, update your development procedures to use these credentials via the Connect REST API rather than the Metadata API. 

If these are already running via the Metadata API and have source control in place, you may want to do some housekeeping to remove credentials from your source control and rotate the keys. 

Remember to update credentials and refactor any integrations to use the updated details.

Use REST API

If you would like Mint to help you with the actions listed in the “What do I need to do” section above, please get in touch!