Enable / Disable Users to Login to Salesforce Using Login Flow

A Step by Step Guide on using Login Flow

Salesforce Login Flow

Occasionally you may want to disallow users to login to Salesforce. For example, if you are deploying new features or functionalities, or performing system maintenance or data migration or because of any other reason. You may want to disallow all the users or only a group of users or just some specific users. What will be the best way to do this? There are a few options to achieve this. For example, you can

  • Freeze the user
  • Make the user inactive
  • Set the login hours on user’s profile to same value

Each of these options have their own pros and cons. In this blog post, I want to show you step by step how you can achieve the same using “Login Flows”. With login flow, there is going to be a one-time setup effort, but after that allowing / disallowing users will become a piece of cake.

NOTE: Certain sections of the guide will appear as locked in the free preview. You can download the unlocked version of the guide in PDF format by subscribing to our “All Access” Pass through the link below.

Not an “All Access” Pass Member Yet?

Get Download Access to this & 150+ More Step-by-Step Guides with “All Access” Pass. A simple and single plan to access our entire library of courses, guides, workshops & masterclasses on Salesforce.

Introducing Mastering Salesforce Flows Training Course

Liked this post? We are now offering a complete self-paced, video-based training course on Mastering Salesforce Flows. The course comes with downloadable step-by-step PDF guides, unlimited access, free upgrades, community discussion area, free preview and more. For more details, please click here.

Need Help with Flows?

Need advice on Flows? I also offer advisory & consulting services on Salesforce Flows. So, whether you want to create new Flows or migrate existing automations (Workflow Rules, Process Builder, Triggers) to Flows, I can help you analyze, design, plan & review. To initiate a discussion, please submit the contact form here stating your requirement or schedule a discussion at this URL.

This just gets you started on Login Flow. You can use this feature for other things like

  • Enhance or customize the login experience. For example, add a logo or login message.
  • Collect and update user data. For example, request an email address, phone number, or mailing address.
  • Interact with users, and ask them to perform an action. For example, complete a survey or accept terms of service.
  • Connect to an external identity service or geo-fencing service, and collect or verify user information.
  • Enforce strong authentication. For example, implement a two-factor authentication method using hardware, SMS, biometric, or another authentication technique.
  • Run a confirmation process. For example, have a user define a secret question, and validate the answer during login.
  • Create more granular policies. For example, set up a policy that sends a notification every time a user logs in during non-standard working hours.
  • Etc…..

References & Useful URLs

8 thoughts on “Enable / Disable Users to Login to Salesforce Using Login Flow”

  1. Hi Ashish,

    This is very well presented. Thank you!
    Can the flow be used to somehow disable standard profile from logging in without SSO ?
    ie. if loginHistory.LoginUrl =’login.salesforce.com’ then disallow login else if loginHistory.LoginUrl=’companyname.my.salesforce.com’ then allow.

    I saw your article for the solution using delegated administration to achieve this but that will remove sso for admins as well.

  2. Hi, thank you very much for this tutorial. Very helpful and well written !

    But what if user is already logged in ? From what I saw, he stay connected. Do you have any solution regarding this issue ?

    Best regards

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top
Introducing All Access Pass