Lightning Flow design for self activation

MFA will be mandatory after 1st of February 2022, we need to prepare our organisation and users.

Usage of MFA is not difficult in user side and everyone uses for other applications, FTP connections, e-banking services in business and in social media apps.

Why we need self-service application.

Problems starts when we start to talk about a few hundred users activation in orgs. We must be sure all users ready to activate and learned how to use it.

Salesforce has suggestion to delegate MFA activation to some super users. Because it is huge job when you think a few thousands users in single org.  Salesforce admins needs extra support from super users.

Full Article link

When you use self activation flow:

Users can activate MFA when they are ready. No need administrator effort or Super user support. 

You can take a coffe ⛾ and follow activation status from MFA Evaluation dashboard. (It is free tool by SalesforceLab in Appexchange.)    

How it works?

We need to give our users to “Multi-Factor Authentication for User Interface Logins” permission. Salesforce suggests using permission set and assign users. 

Key Value --> Permission set assignments keeps user settings. 

Requirement -->  We can activate MFA when we assign user to correct  permission set according to user's license type. 

How --> We can create screen flow and do some object data transactions.

If you install un-managed package in link which is shared in last part of this document. You will see all flow on screen.

Let's see parts of flow: 

Collect related data from salesforce org

	Following part of flow does:   ·         Current User Id is main key. ·         Get user Profile data: o   LicenceId o   PermissionsTwoFactorApi, Is it activated in its profile? ·         MFA Permission set list: get list of permission set by user license Id to use in next steps ·         Get records from Permission set assignments to understand whether MFA activated or not.

Make Decision; Is it activated for Current User?

This part of Flow, shows necessity screen according to user situation.  It prevents to process flow one time for data update and Insert.

MFA Activation you are ready

It doesn’t have any navigation button, only for information.

Step 1 Warning. It shows following figure.

 Step2 Questionnaire 

You are not ready 

User is warned: "You are not ready" when any of check box is not true, 

Create/Update data on Permission set assignments

Everything OK and we are ready to Assign user.

It creates record to "Permission Set Assignments" object or re-activate when any data exist in the  "Permission Set Assignments" object with "IsActivate=false"

How can you get and install it?

You can install following un-managed package from my personal development org. It is un-managed, you can see it and play on it. May be you can activate in Sandbox org first.

Use this URL to install the package into any organization: https://login.salesforce.com/packaging/installPackage.apexp?p0=04t3z000002BkGN Sandbox installation http://test.salesforce.com/packaging/installPackage.apexp?p0=04t3z000002BkGN   Get metadata from github repository You can get metadata from my github repository. Click to access related folder

How can you use in your salesforce system?

 

Any question?

Don't hesitate to contact me. 

nazim()abbwire.com

nazimaltinay()gmail.com