Cloud With Abhi | Salesforce Tips, Code & Career

Category: Uncategorized

  • Introducing SmartBulk: A Free, Salesforce-Native Bulk Utility

    If you’ve ever had to clean up data or update hundreds of records in Salesforce, you know how painful it can get—especially when you want to stay fully native and avoid relying on external utilities.

    I’m excited to share SmartBulk, a 100% free Salesforce admin utility that helps teams perform bulk view, bulk update, and bulk delete operations directly inside Salesforce.

    Status: SmartBulk is currently under AppExchange review.
    🔗 The AppExchange listing link will be available soon.

    What SmartBulk does

    SmartBulk helps you:

    • View records in bulk based on predefined configurations
    • Update records in bulk, including inline edits where applicable
    • Delete selected records in bulk, only when the user has required permissions
    • Work faster on common admin tasks like cleanup, standardization, and maintenance

    Typical use cases include:

    • Pre-deployment cleanup
    • Fixing incorrect field values across many records
    • Removing invalid/test records safely
    • Standardizing picklists/fields across a dataset

    Built for “native-first” admins (no external tools)

    SmartBulk is designed to be fully Salesforce-native:

    • No Tooling API
    • No Salesforce Inspector
    • No browser extensions
    • No external services or integrations
    • No data stored outside Salesforce

    Everything runs within the Salesforce platform, under the logged-in user’s access.

    Who should use SmartBulk?

    SmartBulk is useful for:

    • Salesforce Admins
    • Release / DevOps teams
    • Teams doing ongoing data hygiene
    • Orgs that prefer secure, compliant, platform-native solutions

    Availability

    SmartBulk is currently submitted for AppExchange review.
    I’ll share the official AppExchange link once it’s approved and live.

    Final note

    My goal with SmartBulk is simple:
    Make bulk operations faster for admins—without relying on external tooling—and keep it free forever.

    More updates soon. 🚀

  • 🔍 Metadata Explorer Is Now Live on Salesforce AppExchange!

    I’m excited to share that Metadata Explorer is now officially live on the Salesforce AppExchange.

    What started as a simple internal utility to help me navigate metadata across Salesforce orgs has now evolved into a complete Lightning application designed to make metadata exploration faster, clearer, and developer/admin-friendly.

    🌟 Why I Built Metadata Explorer

    Working across multiple orgs at UNICEF and various packages, I frequently needed a quick way to:

    • Inspect metadata structures
    • Explore Apex classes, triggers, profiles, and permission sets
    • Find and review custom fields
    • Analyze model tables and related objects
    • Speed up impact analysis before deployments

    Most existing tools were:

    • slow
    • outdated
    • or required external setup

    So I built Metadata Explorer — a native, LWC-powered app that allows instant metadata exploration directly inside Salesforce.

    ✨ Key Features

    🔎 Explore 14+ Metadata Types

    View and analyze many important Salesforce components, including:

    • Apex Classes
    • Apex Triggers
    • Profiles
    • Permission Sets
    • Record Types
    • Custom Fields
    • Custom Objects
    • Page Layouts
    • And more

    Everything is visible in one clean interface for quick understanding of an org’s metadata structure.

    ⚡ Lightning-Fast LWC Interface

    Built entirely with Lightning Web Components for a clean, responsive, and modern UI.

    📄 Export Support

    Export metadata details for:

    • documentation
    • DevOps reviews
    • impact analysis
    • technical scoping

    🧭 Simple, Intuitive Navigation

    Switch between metadata types effortlessly without writing a single line of SOQL or using external tools.

    🧩 Who Is Metadata Explorer For?

    • Salesforce Admins
    • Developers
    • Architects
    • DevOps / Release Engineers
    • Consultants handling multiple orgs

    If you need quick visibility into any part of an org’s metadata, this tool saves time and improves analysis accuracy.

    🔗 Install Metadata Explorer

    You can install the app directly from the Salesforce AppExchange:

    👉 https://appexchange.salesforce.com/appxListingDetail?listingId=d011486b-88ac-4000-9bb7-37a5f6c7f945

    🙏 Thank You

    A huge thank you to everyone who supported this project throughout the build and review process.
    Seeing Metadata Explorer pass Salesforce’s Security Review and go live on AppExchange is a proud milestone in my ISV journey.

    More enhancements, metadata coverage, and new utilities are coming soon!

    #CloudWithAbhi

  • 🧩 Client Credentials Flow: New Invalid Scope Error

    Salesforce has updated the OAuth 2.0 Client Credentials flow in the Winter ’26 Release to return a clear error when a token request has no valid scopes. This makes debugging integration issues much simpler.

    🔐 The Change

    When a token request is made using grant_type=client_credentials and Salesforce finds that none of the effective scopes are supported, it now returns the following descriptive error:

    {
  "error": "invalid_grant",
  "error_description": "no valid scopes defined"
}

    What It Means

    • Applies only to the Client Credentials flow — other OAuth 2.0 flows are unaffected.
    • If a request includes both supported and unsupported scopes, Salesforce drops the unsupported ones and issues a token for the valid scopes.
    • If all scopes are unsupported, Salesforce rejects the request with the error above.

    Unsupported scopes (examples):

    • full → Full access
    • refresh_token / offline_access → Perform requests at any time

    Typical supported scope for integrations:

    • api → Manage user data via APIs

    🧊 Release Timeline

    This update is part of Salesforce Winter ’26, with production rollouts starting September 19, 2025.

    ❓ Why You Might See This Error

    Many integrations using the Client Credentials flow don’t send the scope parameter — and that’s fine.
    In such cases, Salesforce uses the scopes configured in the Connected App’s Selected OAuth Scopes section.

    If that Connected App contains only unsupported scopes, the request resolves to no valid scopes, resulting in:

    invalid_grant: no valid scopes defined

    Fix: Ensure at least one supported scope (like Manage user data via APIs (api)) is selected in your Connected App, even if your integration doesn’t explicitly send a scope.

    🧭 How to Find and Fix

    Step 1: Inventory

    • Identify all integrations using grant_type=client_credentials (e.g., Named Credentials, middleware, background jobs).
    • Locate the corresponding Connected Apps.
    • Review their Selected OAuth Scopes.

    Step 2: Remediate

    1. Go to Setup → App Manager → Manage Connected Apps → [App Name] → Edit Policies
    2. Under Selected OAuth Scopes, add:
      • Manage user data via APIs (api)
    3. Remove unsupported scopes (full, refresh_token, etc.).
    4. Ensure the Run As user has:
      • API Enabled
      • Required object CRUD/FLS permissions

    Step 3: Add Guardrails

    • Don’t send scope in the request — rely on Connected App scopes.
    • Monitor for token errors containing invalid_grant and “no valid scopes defined.”
    • Document your Connected App scope policy and integration user permissions.

    🧠 Summary

    AreaDetails
    Applies ToOnly OAuth 2.0 Client Credentials Flow
    ChangeNew descriptive error for missing valid scopes
    ReleaseWinter ’26 (starts Sep 19, 2025)
    ImpactToken requests with unsupported scopes now fail clearly
    FixAdd Manage user data via APIs (api) to Connected App scopes
    Best PracticeRely on Connected App configuration instead of sending scope

    💡 Pro Tip

    If you’re using Azure Logic Apps, MuleSoft, Boomi, or Postman collections with grant_type=client_credentials, review your Connected Apps now and ensure at least one supported scope is configured before Winter ’26 rolls out.

    🏁 Final Thought

    This update impacts only the Client Credentials flow, improving clarity for integration developers.
    By ensuring every Connected App includes the api scope, you’ll keep your machine-to-machine integrations running smoothly through Winter ’26 and beyond.