Use of Session IDs in Visualforce

Session IDs should be treated as secrets and handled with care, as they may allow access to the Salesforce API on behalf of the running user.

Increased risk of data breaches, financial loss, and reputational harm. Eroding customer trust and confidence.

Is your Salesforce solution affected by Use of Session IDs in Visualforce?

Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.

How common is this issue?

lower

How long do organizations remain exposed before fixing the problem?

94%

shorter

Trusted

Secure

Session Security

Session Management

A07:2021 – Identification and Authentication Failures

Found a mistake?

If you think something is incorrect, missing or misleading please let us know.