Salesforce will enforce MFA beginning February 1, 2022, which could be a big change for your users if they still don't use MFA. I hear a lot of comments regarding this, and people are looking for alternatives to make the change easier.
I have an article about the Lightning Login, which I personally think is the best option. However, some users really don't want to use their mobile for authentication. In that case, you may consider leveraging tools like LastPass or Authy which provide TOTP for desktop as well. If they are still not satisfied, then you can teach them this trick explained here.
Salesforce is enforcing MFA for logins from UI, and API logins are waived. So if you are using SFDX for your orgs, then you don't need to worry about it. Most developers, they are already familiar with this command-line tool, but if you mention SFDX to your normal users or even some admins, they may not have a clue.
SFDX means Salesforce Developer Experience, and the main component is Salesforce CLI. However, as long as you have API access on your profile or permission set, you can use it. Obviously, you need to download and install it on your computer. Then you can directly use it with the built-in command-line app on your computer (such as Command Prompt on Windows or Terminal on Mac). You can do tons of things with this tool, and the full list is here. Of cause, logging in (sfdx force:auth:web:login) is one of them.
But it can be overwhelming for normal users, and they don't want to learn the complexity at all. For the basic login function, we're only using 2 commands, which you can easily write two scripts, literally one command each.
Auth.bat (Windows) / Auth.sh (Mac)
Login.bat (Windows)/ Login.sh (Mac)
Of cause, you can add some user-friendly messages using echo as well.
Users only need to run the first one once to authorize SFDX, when they run it, the script will open the browser with a pop-up. They will need to confirm the authorization by clicking the blue Allow button. If they haven't logged in, they need to log in as normal first.
Behind the scenes, SFDX is saving an access token for future usage. After this process is complete, users can double click to run the login script every time they need to open the org (no more password).
I also found a GUI tool for SFDX on Github.
This is a great app that encapsulates the common commands into the graphic UI, but users need to run some commands to run it, and it's a little overkill for just logging in. But for power users or admins it will be very helpful.
It's very straightforward, download it and go to the folder then. run
npm install for the very first time. Every time you use, just run npm start.
That's it, you can enjoy the power of SFDX without writing commands.
No comments:
Post a Comment