Salesforce known issues and workarounds
Salesforce known issues and workarounds
Section titled “Salesforce known issues and workarounds”This page captures live quirks, historical gotchas, and findings from
the automated audits under analysis/. Treat it as the tracker for
work that has been identified but not yet actioned.
High priority — action required
Section titled “High priority — action required”Connected Apps without Admin-Approved-Only
Section titled “Connected Apps without Admin-Approved-Only”44 of 48 Connected Apps allow any authenticated user to authorise them.
- Impact: a phishing or device-compromise vector — a compromised user can authorise any of these into their session.
- Action: audit each app, set
permittedUsers = admin_approved_users_are_pre_authorizedfor the ones still in use, revoke the dormant ones. - Full list:
docs/generated/integrations/connected-apps.md.
Only four apps are currently locked down: Copilot for Sales,
OIQ_Integration, PDF_Butler_APAC1, and SUMO Connected App.
Regional PDF Butler variants (CA1, EU1, JP1, UK1, US1,
MV_*) are likely safe to revoke — PWG is APAC-only.
Opportunity pipeline integrity
Section titled “Opportunity pipeline integrity”3,029 of 4,408 open Opportunities (69%) sit in “Proposing” with median age 858 days and P90 of 1222 days.
- Diagnosis: “Proposing” is being used as a parking lot. The pipeline stages no longer reflect real advice-engagement states.
- First fix: StageName Field History Tracking was enabled on 2026-04-24. Real dwell-time-per-stage becomes measurable once 30 days of transitions accrue.
- Second fix: hand the list of stale Proposing Opps to sales ops for close-out or re-stage.
- Source:
analysis/process-bottlenecks-*.md.
Medium priority
Section titled “Medium priority”Task fatigue
Section titled “Task fatigue”107,484 total tasks in the org. 11,277 open, 7,100 overdue (ActivityDate in the past, still open).
- Action: monthly queue triage; re-assign or close stale tasks. Watch for tasks owned by deactivated users.
- Source:
analysis/task-fatigue-*.md.
Inactive queues are the largest single contributor — tasks assigned to a queue where no active user is monitoring end up lost in the void. Several active users also carry > 150 open / > 100 overdue.
Multi-trigger SObjects
Section titled “Multi-trigger SObjects”14 SObjects carry more than one Apex trigger. This violates the one-trigger-per-object handler pattern and makes the order of trigger execution implementation-defined.
- Action: consolidate into a single trigger per object using a handler class. Low-risk objects first.
- Source:
analysis/performance-*.md.
Flow version churn
Section titled “Flow version churn”80 Flows have five or more versions. Some iteration is normal; five or more suggests an unresolved requirement.
- Action: spot-audit the top-ten highest-version Flows. Archive older versions to reduce metadata weight.
- Source:
analysis/misconfig-*.md.
Low priority / cleanup
Section titled “Low priority / cleanup”Empty Permission Sets and Profiles
Section titled “Empty Permission Sets and Profiles”- 26 of 56 profiles are empty — historical artefacts.
- 18 custom Permission Sets are empty — top cleanup candidate.
- Action: delete after confirming no assignment. Use
analysis/misconfig-*.mdfor the list.
Legacy Apex API versions
Section titled “Legacy Apex API versions”23 Apex classes are on API version < 45. These predate several platform features. Nothing is broken, but they drift from current defaults.
- Action: bump API version alongside any change that touches a legacy class.
OpportunityField history tracking (retroactive gap)
Section titled “OpportunityField history tracking (retroactive gap)”Dwell-time-per-stage analysis cannot cover the period before
2026-04-24 when tracking was enabled. There is no way to back-fill.
Any analysis covering older periods has to rely on
CreatedDate + current stage, which is a proxy, not truth.
Quirks and gotchas
Section titled “Quirks and gotchas”Single surviving Workflow Rule
Section titled “Single surviving Workflow Rule”Out of a historical set, 1 Workflow Rule remains. The org has otherwise fully migrated to Flow. The surviving rule should be ported or decommissioned — it is the only non-Flow automation path left.
Dual trigger frameworks on FSC objects
Section titled “Dual trigger frameworks on FSC objects”dlrs_*Trigger (managed by the DLRS package) coexists with PWG*Trigger
(internal) on several FSC objects. If rollups appear out of sync,
check whether both frameworks are touching the same field.
CORS Whitelist not enumerable via Tooling API
Section titled “CORS Whitelist not enumerable via Tooling API”Noted in docs/generated/integrations/INDEX.md — the tooling API
does not expose CORS in this org. Use Setup directly.
Closed / historical
Section titled “Closed / historical”97% API consumer
Section titled “97% API consumer”Closed 2026-04-24. aad.provision@pwg.com.au was 97% of API
traffic. David confirmed this is one-off manual Entra-driven user
updates, not a chatty re-sync. No action required.
Further reading
Section titled “Further reading”analysis/recommendations-*.md— full prioritised backlog.analysis/security-*.md,analysis/misconfig-*.md,analysis/performance-*.md— raw audit output.docs/human/admin-procedures.md— monthly admin checklist to keep this list from growing.