By default, all site visitors can gain access to active public site information. For example, your visitors can access your assets and pages.
But when it comes to allowing a guest user to view or submit files to your custom Salesforce object, you need first to change the object’s permission parameters in that guest user’s profile.
What Is a Guest User in Salesforce?
A guest user is anyone you can use for applications like event management applications, volunteer applications, donation applications and many more.
The Salesforce feature that allows accommodation of these “external users” is the SITE GUEST USER. Examples of external constituents that can be accommodated are those making donations, applying for events, making a commitment to contribute data, etc. You may or may not show data through a particular user, depending on the need of your organization.
Now, a guest user is not included in the users list of your system. Even if you go to MANAGE USERS or PERMISSIONS, you cannot find guest users. You will not be able to create profiles for these users. They have no password, no session browsing and no API access. Simply put, they have no roles.
Site Guest User License
Allowing guest users to submit data to a particular object requires modification of that object’s permission. Modification can be done only in the SITE GUEST USER’s profile. Every site has its own unique GUEST USER license, so you have full control of access of guests to objects and fields, but that control can be done only on a per site basis.
To illustrate, let’s say you have donation application and volunteer application. You can configure a volunteer guest user to commit data only to fields and objects related to the volunteer application. The same restriction may be applied for guests intending to commit data to your donation application.
That is by far the best security practice we’ve known in guest user platforms designed for CRMs.