đź“Ł Attention Salesforce Certified Trailblazers! Link your Trailhead and Webassessor accounts and maintain your credentials by December 14th. Learn more.

Manage Transaction Security Policies

Learning Objectives



Be careful—Transaction Security is a powerful feature. An incorrect Login Event policy that blocks for its real-time action locks you out of your org. To prevent this from happening in an org you care about, create a new Trailhead Playground for this module. Yes, we really mean a brand new Trailhead Playground.

After completing this unit, you’ll be able to:
  • Change policy configurations.
  • Create a policy view.
  • Filter policies to show in a view.

Configure Policies

It’s easy to manage policies when you have only a few, but it can get harder when you have many. To make managing policies easier, you can reconfigure policies as needed, create views of policies, and sort policies.

Editing a policy to change the notification, action, or most anything else is easy. On the Transaction Security main page, click Edit next to the policy you want to update. Let’s edit the Block Android policy as an example.

Edit page for the Block Android policy.

You can change almost all the things you set when you created the policy. What you can’t do is change the Apex code that implements the policy. That’s a different step, which we cover a bit later.

Filter Policies to Ease Viewing

You can select which policies are shown by creating views. A view is a filtered list of policies. You filter the policies by their characteristics. When you start out, the Transaction Security Policies page shows all the policies you have.

Transaction Security default policy view.

You can filter according to these values:
  • Apex class name
  • Event type
  • Policy name
  • Whether the policy is enabled
Let’s create a view that shows just the policies you created. Right now, that’s only Block Android, but you’re sure to create more. Click Create New View to get started.
  1. First you name the view. Call this one My Policies. Transaction Security automatically uses your policy name to create My_Policies as the unique name.
  2. Select My Transaction Security Policies for the filter criteria. We aren’t filtering by any additional fields because we want to see all your policies.


    If you’re the admin that receives the notifications, the supplied policies are also included because they belong to the admin. You can exclude the supplied policies by filtering the Name field, like this:

    The filter values to remove the supplied policies from the policy view.

    The AND that associates the additional fields means that all the conditions are used. In this example, the policy name must not be equal to both Concurrent User Session Policy and Data Loader Lead Export Policy. That excludes those policies from the filter, and all other policies are shown.

  3. All fields are displayed by default, so select the fields you don’t want to display and move them to Available Fields. You can also order the fields however you like.

    The bottom half of the Create New View page with the values for a view showing only the user's policies.

  4. You can go wild when setting who gets to use this view. There’s a large range between only you and everyone . You can pick groups and roles with or without subordinates. You can also mix-and-match groups and roles.


    Make sure to include yourself in your visibility selection. Otherwise, you can’t see the view.

    Here’s an example view.

    The top half of the Create New View page with the values for a view showing only the user's policies.

    Since we didn’t specify any additional fields, no other fields are shown.

  5. Review the settings and click Save when you’re ready.
  6. Back on the home page for Transaction Security, select My Policies in the View dropdown. You see all the policies you’ve created so far, along with the supplied policies if you didn’t filter them out. If you didn’t filter them out, try editing your view to do that.


Transaction Security Policies

Flower icon used to indicate that the content is for Salesforce Classic

Remember, this module is meant for Salesforce Classic. When you launch your hands-on org, switch to Salesforce Classic to complete this challenge.