Newer Version Available

This content describes an older version of this product. View Latest

Require High-Assurance Session Security for Sensitive Operations

To secure different setup areas in your org, require a high-assurance level of security for sensitive operations, like accessing reports and managing IP addresses. You can also block users from accessing these setup areas.
Available in: all editions

User Permissions Needed
To modify session security settings: Customize Application

These settings apply only to users who have user permissions to access these operations. If users have a high-assurance session after logging in, they aren’t prompted to verify their identity in the same session, even if you require high assurance for sensitive operations.

  1. In Setup, enter Identity in the Quick Find box, and then click Identity Verification.
  2. Under Session Security Level Policies, raise the session security level to high assurance, or block users.
    • Reports and Dashboards—Controls access to reports and dashboards. This setting is also available on the Reports and Dashboards Access Policies page. You can change this setting in either location.
    • Manage Encryption Keys—Controls access to the Platform Encryption page, the Certificate and Key Management Setup page, and the TenantSecret object.
    • Manage Auth. Providers—Controls access to the Auth. Providers page, the User Details Setup page, and the AuthProvider object.
    • Manage Login Access Policies—Controls access to the Login Access Policies Setup page.
    • Manage IP Addresses—Controls access to the Network Access Setup page.
    • Manage Password Policies—Controls access to the Password Policies Setup page and profile details.
    • Manage Sharing—Controls access to the Sharing Settings Setup page, the SharingRules object, and the CustomObject’s sharingModel field in Metadata API.