Skip to main content
Thoughtful young man pictured in a mural.

Writing for Developers and Consultants: Guides and Resources

Last year I wrote several pieces on writing for Developer and Consultants (the writing category will bring them up). That series became a talk on broader communications skills that I gave at Dreamforce 2024, and other settings – including twice this month. Part of that talk includes a series of books and similar resources that weren’t part of the original series. I figured it was time to add them in here. ...

May 31, 2025 · 5 min · Aaron Crosman
Two squirrels chasing each other in Central Park

Salesforce Id Iteration Attacks

Please stop using Salesforce Ids in URLs or other user accessible parts of your solution. Why not use Salesforce Ids on public web sites? I run into this question from time to time and figured some more public commentary would be useful. The super short version: they are not a security or access control mechanism. During a recent Salesforce Open Source Commons sprint a question came up about why it’s important to use a random value, instead of a Salesforce Id, in public facing use cases. We were talking about the Unsubscribe Link package, and it makes a good use case for discussion. ...

April 10, 2025 · 8 min · Aaron Crosman
Digital movie theater sign that reads Its Miller Time.

Experiments with AI Coding

I recently spent some time generating some simple programs with AI coding tools. As a technical architect and senior developer, I am watching the emergence of AI coding tools carefully. I know that the robots are coming for the coding parts of my job. Watching this generation of robots is important to long-term understanding of the field. To be clear I have been experimenting with Github Copilot and Salesforce’s Agentforce for Developers since they were released. Most of my earlier experiments were failures. The tools wrote trivial code terribly and simply couldn’t understand more complex requests. They made me slower, not faster, so I put them aside for a time. But they are evolving fast and were worth another look. ...

March 22, 2025 · 9 min · Aaron Crosman
Musician in Central Park on a cold afternoon, playing a traditional Chinese Banhu

Reset Security Token for Salesforce Integration User

In the Spring ’23 release Salesforce added the Integration User License. They provide 1 or more free licenses to all Enterprise, Unlimited, Performance, and Developer Edition orgs. They can be a little tricky to setup, but are incredibly useful for integrations since they give you a free way to connect 3rd party applications where “best practice” had previously required buying a full license for each integration point. But because they have no user interface access there is no clear path to reset the security token (in fact Salesforce says you cannot do it, although it’s listed as on Roadmap). There is a way to get this done, it just requires that you have Login As permission. ...

February 16, 2025 · 2 min · Aaron Crosman
Horse from Central Park Carousel Railing

Architectures for Constituent Portals Part 2

In part 1 I talked about the kinds of architectures you should considering when planning a Constituent portal. In part 2 I’ll give you some guidance about how to pick the right architecture for your project. Reminder of the Options Part 1 provides a detailed review of the directions that data can flow, and the types of architectures you can use to support your solution: Data can be outbound to constituents, provided by individual constituents, or exchanged among constituents. There are all-in-one solutions, two-system solutions, and solutions with an API or data proxy layer. Three patterns, three potential solutions: it’s temping to think they align 1:1 – but then a whole second article would have been a waste of time. But it is important to keep them in your mind as you determine the best-fit for your organization and use case(s). ...

January 25, 2025 · 9 min · Aaron Crosman
Trays of Christmas tree shaped cookies.

Mom's Christmas Cookies

My mom passed away just over a year ago. We went through Christmas without her last year for the first time, but there is still a different feel this year. One of the ways both my sister and I remember mom is through her baking. There were several classic cookies, and similar treats, she made every year. Neither of us makes the whole collection, but we both have settled into a couple favorites. ...

December 23, 2024 · 3 min · Aaron Crosman
walking around

Architectures for Constituent Portals

One of the common needs, or at least desires, for CRM users is to link their CRM to some kind of constituent portal. There are several ways you can architect a good data pattern for your constituent portal. The trick is picking the right one for your organization. This is the first in a series on what your choices are, and now to select the right one. The architecture you select will drive the implementation cost, maintenance costs, and scalability. ...

November 30, 2024 · 7 min · Aaron Crosman
IMG_3829

Tips for Salesforce Exams Part 2 – Taking the Exam

This is a second in a two part series on taking Salesforce Certification Exams. We’ll be talking here about taking the exam. You might also find part 1 on studying useful. For this discussion I’m assuming you have picked your exam, studied as best you can, and now it’s time to take the exam. Scheduling a Salesforce Exam In my article on studying I recommended scheduling your Salesforce exam a week or two after you had prepped your flash cards. Of course it’s not exactly that straight forward. You need to pick the location and timing that works to your best advantage. ...

October 5, 2024 · 9 min · Aaron Crosman
sheepMural

Tips for Salesforce Exams Part 1 – Studying

Salesforce certification exams are a fact of life for many of us in the eco system. Whether you are a consultant who needs to add at least one a year or taking your first exam it’s important to have a plan for how you approach your next test. Getting through Salesforce Exams generally requires a mix of memorization, understanding key concepts, and good test taking skills. Currently I hold 13 Salesforce certifications and have survived 12 exams to get there (there are a couple two-for-ones to be had among the Architect exams) and I passed all but one on the first try. This is by no means makes me exceptional – my current manager holds somewhere between 35-40 certifications, I lost track a test or two ago – but it does mean I’ve taken enough to develop a routine that works pretty well. ...

September 25, 2024 · 11 min · Aaron Crosman
AikenChoice-5

More Advice from a College Professor's Spouse

Two years ago my sister’s oldest child went off to college. As a marker for that occasion I wrote up some thoughts on what I think college student’s should know. In a little while my sister’s youngest child is headed off to college as well; so I decided it’s time to write part two. Since my wife is a college professor, and I’m framing my understanding as being her husband, I need to be clear: these are my thoughts. They are not hers. They are not those of her colleagues, or any of our other friends who are college professors. Yes, my ideas are influenced by being friends with those folks, and I hope they agree with me. But in the end, this advice is mine. If you want advice from a college professor – well college students have easy access to those and should politely ask them directly. ...

August 5, 2024 · 8 min · Aaron Crosman