Enhanced Domains will be the new default in your org

What are Enhanced Domains?

The new Enhanced Domains will meet the latest browser requirements and ensures that your Salesforce URLs contain your company-specific “My Domain” name. This is also true for URLs for Experience Cloud sites, Salesforce Sites, Visualforce pages, and content files. The new “Enhanced Domains” will ensure that your Salesforce data is protected from unauthorized access. The full list of all the URL formats after the change, can be found here: URL formats here.

As of the Salesforce Spring ’23 Release (in February), enhanced domains will be deployed by default in new orgs and will be required in all orgs in Winter ’24. You can opt-out from the automatic deployment of enhanced domains through an org-level setting.

If you missed the information on Enhanced Domains in our Spring ’23 release webinar you can rewatch our BRIGHTFOX webinar here.

Why Salesforce requires Enhanced Domains? 

To understand the need for this change, let’s have a look at cookies first. Not the edible cookies, but first-party and third-party cookies. Both types are bits of information that collect web-user data. Both are used to store data such as surfing and personalization preferences and user tracking information.
The difference is in who uses that data and whom the cookie collects data for.

A first-party cookie is placed on a website by the publisher or owner of the site and collects user data for the publisher or owner. They are often used to improve user experience (UX) by remembering user preferences and settings. Items added to online retail shopping carts, usernames, passwords, and language preferences are information that first-party cookies might store.

A third-party cookie is placed on a website by someone other than the owner: a third party. These could be set by an advertising network that a site may subscribe to in the hopes of collecting data and drive up sales or page hits.

As a result of regulatory and consumer pressure, major web browsers like safari, Firefox and Google Chrome are blocking third-party cookies. Today, users can choose to disable the setting to allow cookies, but browser developers indicate that they intend to permanently block third-party cookies in the future.

What is the impact on Salesforce Users?

Without enhanced domains, Salesforce content can be delivered from multiple domains. When the user’s browser blocks third-party cookies, some content in Salesforce might be blocked. For example, a landing page ending in lightning.force.com can’t load content stored in your org and accessed via a URL 

ending in documentforce.com. The resulting error often mentions “cross-domain cookies” or “cross-site cookies.”

With enhanced domains, all Salesforce content have a common domain, so the cookies can be shared, and the browsers allow access, even when third-party cookies are blocked.

What does it mean for you?

Enabling Enhanced Domains is an easy-to-set-up feature, and there are no additional fees associated with using it. But it provides multiple other benefits too, such as:

• Branding
  Consistency is an important factor across your org. Enhanced Domains ensures that all your URLs contain your company-specific My Domain name.
• Stability
  Before My Domain, your instance was part of the URL. Now that we have removed the instance names, your org’s URLs remain unchanged when your org is moved to another Salesforce instance*.
  
  
• Compliance
  Enhanced domains comply with the latest browser requirements. They avoid third-party cookies, otherwise known as cross-site resources.
• Enhanced security
  You meet the latest security standards, which means that your org is protected from malicious activity.
• Easy to remember URLs
  With no instance* names, Salesforce’s enhanced domain URLs are easier for users to remember and don’t change when your org is moved to another Salesforce instance*.
• Improved usability
  Salesforce URLs under one domain name make navigating your Salesforce org easier for users as well as finding the right information.
  
• Customization
  You can set up customer-specific subdomains in your Salesforce org URLs under “Setup My Domain”, for example, https://mycompany.my.salesforce.com. With these org-specific URLs, you can set up a custom login page or login policy, offer single sign-on, and allow users to log in with a social account.
  

Preserve Access to Your Org

When you deploy enhanced domains, login URLs for your sites change. Your My Domain URL changes when you deploy enhanced domains in a sandbox.
Enhanced domains don’t change your My Domain login URL in production unless you also change your My Domain name or suffix.

When your My Domain login URL or site URL changes, authentication methods such as SSO and multi-factor authentication (MFA) can stop working. Before you deploy a change to your My Domain, make sure to preserve access for your users and admins.

How to set up Salesforce’s Enhanced Domain feature

• you will need to create a custom domain for your Salesforce instance. This can be done in the Setup by searching My Domain in the Quick Find box and then selecting My Domain
• Under the My Domain detail section, select Edit
• Select the “Use enhanced domains” option and click on Save.

Congratulations! You have successfully set up Salesforce’s enhanced domain feature. That’s how easy it is. You should now be able to access Salesforce using your company’s custom domain name.

Enhanced Domains checklist

If enhanced domains are not deployed in your Salesforce org before Salesforce deploys the feature for you, some issues can arise. Here is a checklist with possible issues for your org.

You can always rely on BRIGHTFOX to help you with the setup of your ‘My Domain’. We can handle this checklist for you and provide you with all the answers you need.

Feel free to contact us. We would love to help you.

*A Salesforce instance is the data center that is hosting your Salesforce org, there are lots of salesforce orgs that share the same data center/instance in a multitenant cloud.