Set up Guest User Access
Intro
This guide provides generic instructions for setting up a new site/community, however depending on which 3B products you use, you may need to adjust the implementation. Reach out to our support team if you need any help.
Set Up Salesforce Site
Salesforce Sites enables you to create public websites and applications that are directly integrated with your Salesforce organization—without requiring users to log in with a username and password. You can publicly expose any information stored in your organization through a branded URL of your choice.
Create a new Site
To get started using Salesforce Sites, from Setup, enter Sites in the Quick Find box, then select Sites. From this page, you can:
- Register your Salesforce Sites domain, if you have not yet done so.
- View all sites hosted on your Salesforce Sites domain.
- To create a site, click New.
- To change an existing site, click Edit.
- To change the active status of your site, click Activate or Deactivate. WARNING Be careful not to expose any information that you do not want to make public.
- To view the site’s details, click the site's label.
- To set a default owner of records created by guest users, select Assign new records created by Salesforce Sites guest users to a default owner.
- To open a site in a browser, click the site's URL.
Important: If you are planning on embedding forms, documents and visualforce pages on your own website or otherwise use them within an iFrame, you will need to set the "Clickjack Protection Level" to "Allow framing by any page", otherwise the pages will not render.
Manage Site permissions
Once you have created your site, you can configure it on the Site Details page. To access this page, from Setup, enter Sites in the Quick Find box, then select Sites, and then in the Sites list, click the site name. You can do the following:
- Click the button "Public Access Settings" to view or edit the security settings, including permissions, page layouts, and more.
- Follow the instructions "Set Up App with Site/Digital Experience for Guests Access" in this article.
Set Up Digital Experience (Experience Cloud Site)
Enable Salesforce digital experiences for your org
Before you create an Experience Cloud site for your customers and partners, enable Salesforce digital experiences for your org.
When you enable digital experiences, you provide a site domain. The site domain collects all your Experience Cloud sites under one URL. Typically, your site domain is your company domain.
- From Setup, enter Digital Experiences in the Quick Find box, then select All Sites.
- Select Enable Digital Experiences.
- Enter a memorable domain name. Keep in mind that customers and partners interact with this domain name. After you choose this name, you can’t change it. Later on, you can add a custom SSL domain to have more control over your site branding.
- Select Check Availability.
- Click Save, and then click OK.
Digital experiences are now enabled for your org, and you can create your site for customers and partners.
Set up Salesforce digital experience site
To see the number of sites you can create for your org, from Setup, enter Digital Experiences in the Quick Find box, and select Sites. The maximum number of sites appears at the top of the page.
- To create a site, from Setup, enter Digital Experiences in the Quick Find box, select All Sites, and then click New. The creation wizard opens with several templates for you to choose from.
- To see more information about a template, select it. We recommend using the Customer Account Portal template, however you can choose any of the templates if you know what you are doing.
- Select the template that you want to use.
- Read the template description and key features, and click Get Started.
- Enter a name.
- For URL, enter the name of your site. If you are dedicating the site to 3B Forms, 3B Docs or 3B Onboarding, you might want to choose the endpoint to be named "documents", "contracts", "customers", "onboarding", "forms" or something similar. For the purposes of this article, we will use the endpoint "documents". This name is appended to the domain that you created when you enabled digital experiences for this org. For example, if your domain name is UniversalTelco.my.site.com and you’re creating a customer community, you can enter customers to create the unique URL UniversalTelco.my.site.com/documents. NOTE You can create one site that doesn’t have a custom URL. You can change your site name and URL after the site is activated, but users aren’t redirected to the new URL. So be sure to inform your members before changing the name or URL.
- Click Create. The site is created in Preview status. Now you’re ready to build and customize or manage and moderate your site.
Manage Salesforce digital experience permissions
For Experience Builder sites, access the guest user profile from Experience Builder.
- In Salesforce Setup, enter digital experiences in the Quick Find box and select All Sites.
- Next to the site that you want to access, click Builder.
- In Experience Builder, click on the cog gear icon and select General.
- Under Guest User Profile, click the profile name.
- Click Edit.
- Follow the instructions "Set Up App with Site/Digital Experience for Guests Access" in this article.
- Click Save.
For Salesforce Tabs + Visualforce sites, access the guest user profile from Experience Workspaces.
- In Salesforce Setup, enter digital experiences in the Quick Find box and select All Sites.
- Next to the site that you want to access, click Workspaces.
- Select Administration | Pages | Go to Force.com.
- Click the button "Public Access Settings" to view or edit the security settings, including permissions, page layouts, and more.
- Follow the instructions "Set Up App with Site/Digital Experience for Guests Access" in this article.
Set Up App with Site/Digital Experience for Guests Access
Now that you have set up a Site/Digital Experience, you will need to grant the "guest user" (default user assigned to people interacting with the site) with the correct permissions to access and use the application.
In order to run the application in a Guest User mode, you would need to grant access to the Guest User profile to the APEX classes and Visualforce Pages that the application uses.
3B Forms
Guest Access to Apex Classes
- b3f.FormAttachmentWebService
Guest Access to Visualforce Pages
- b3f.FormComplete.page
3B Docs
Guest Access to Apex Classes
- b3d.GlobalRemotingInterface
Guest Access to Visualforce Pages
- b3d.GeneratedDocument.page
- b3d.Document.page
3B Onboarding
Guest Access to Apex Classes
- b3d.GlobalRemotingInterface
Guest Access to Visualforce Pages
- depends on the implementation
Please note that you may need to make additional adjustments to the Guest User profile if the specific version of the app that you are installing requires it.
Configure a Custom Domain for Your Experience Cloud Site
You can use your own domain name with Sites/Digital Experiences so you can brand the experience to your liking. This means you can change the URL of publicly accessible resources from say https://my.domain.salesforce.com/documents to https://yourwebsite.com/documents. Follow the instructions below or refer to the documentation provided by Salesforce.
- From Setup, enter Domains in the Quick Find box, then select Domains.
- Click Add a Domain.
- Enter the domain name.
- Choose the HTTPS domain configuration option you want to serve this domain with. Optionally, specify a CNAME value if you’re using a non-Salesforce provider to serve your domain. NOTE In Professional Edition orgs with Pardot, you must choose Salesforce serves the domain over HTTPS using a Salesforce content delivery network (CDN) partner.
- To avoid vulnerabilities during HTTP redirects and to have supported web browsers always use secure HTTPS connections for your domain, select Allow HSTS preloading registration. This setting adds the preload directive to the HSTS header. After you enable this setting, you must submit your domain at https://hstspreload.org. NOTE This setting applies only to domains that are eligible for HSTS preloading. Domain names can consist of a public suffix plus one additional label, For example, example.com and example.co.uk are eligible, but www.example.com, www.example.co.uk, and sub.example.com aren’t eligible.
- Add a certificate if you have already set up a CA-signed certificate that supports this domain.
- Click Save. To add another domain, click Save & New.
If you plan to host more than one Experience Cloud site on a domain, you’ll need to set up custom URLs for each site. Custom URLs are the way to uniquely distinguish the sites within that domain. From Setup, enter Custom URLs in the Quick Find box, then select Custom URLs.
Before pointing your domain name’s CNAME to a new target name, ensure that the target name exists in the DNS by using dig
or nslookup
. The target of your CNAME depends on when you create your domain name.
- To use HTTPS for domain names added before the Summer ’13 release, adjust your CNAME to point to the FQDN followed by .live.siteforce.com instead of to the org’s force.com subdomain. For example, if your pre-Summer ’13 domain is www.example.com, its CNAME target is www.example.com.live.siteforce.com instead of example.force.com.
- Domain names added in Summer ’13 or earlier don’t have the 18-character org ID in the CNAME target.
- Domain names added in Summer ’13 or later point to the location for setting up HTTPS in a custom domain.
- Domain names added in Winter ’14 or later use a CNAME that points to the FQDN followed by your org’s 18-character ID and .live.siteforce.com. For example, if your domain name is www.example.com and your 18-character org ID is 00dxx0000001ggxeay, its CNAME target is www.example.com.00dxx0000001ggxeay.live.siteforce.com.