salesforce_security_impl_guide
salesforce_security_impl_guide
salesforce_security_impl_guide
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Configuring Salesforce Security Features<br />
Setting Session Security<br />
• Two-Factor Authentication — High Assurance<br />
• Authentication Provider — Standard<br />
• SAML — Standard<br />
Note: The <strong>security</strong> level for a SAML session can also be specified using the SessionLevel attribute of the SAML assertion<br />
sent by the identity provider. The attribute can take one of two values, STANDARD or HIGH_ASSURANCE .<br />
To change the <strong>security</strong> level associated with a login method:<br />
1. From Setup, click Security Controls > Session Settings.<br />
2. Under Session Security Levels, select the login method.<br />
3. Click the Add or Remove arrow to move it to the proper category.<br />
Currently, the only features that use session-level <strong>security</strong> are connected apps, reports, and dashboards. You can set policies requiring<br />
High Assurance on these types of resources and specify an action to take if the session used to access the resource is not High Assurance.<br />
The two supported actions are:<br />
• Block — This blocks access to the resource by showing an insufficient privileges error.<br />
• Raise session level — This redirects you to a Two-Factor Authentication flow for raising the session’s <strong>security</strong> level to High Assurance.<br />
Once you complete the flow successfully, you can access the resource.<br />
To set a High Assurance required policy for accessing a connected app:<br />
1. From Setup, go to Administer > Manage Apps > Connected Apps.<br />
2. Click Edit next to the connected app.<br />
3. Select High Assurance session required.<br />
4. Select one of the two actions presented.<br />
5. Click Save.<br />
To set a High Assurance required policy for accessing reports and dashboards:<br />
1. From Setup, go to Build > Customize > Reports & Dashboards > Access Policies.<br />
2. Select the High Assurance session required.<br />
3. Select one of the two actions presented.<br />
4. Click Save.<br />
The session levels have no impact on any resources in the app other than connected apps, reports, and dashboards for which explicit<br />
<strong>security</strong> policies have been defined.<br />
86