CRUD and Field-Level Security

Ensure that CRUD permissions and Field-Level Security are enforced in Visualforce and Lightning, to avoid exposing sensitive data.

Lorenzo Frattini avatar
Written by Lorenzo Frattini
Updated over a week ago


There are cases where developers use Visualforce or Lightning to display data derived from an SObject field in an indirect or processed form. In such scenarios CRUD and  FLS should be manually enforced.

Additional settings

If your team uses utility methods to enforce CRUD/FLS checks, it's possible to configure them in Clayton to increase the accuracy of the detections.


  • Visualforce pages and components

  • Lightning components

  • Apex classes

See also

Did this answer your question?