Create Salesforce Custom Object using Apex Class

Custom Objects and Custom fields in Salesforce

I recently got this requirement to create a custom object from Apex.
Custom objects, fields, permissions, and all other configurations can be done using an Apex class.

  • Download the provided files
  • Create the Apex class ‘MetadataService.cls’ and its Test Class ‘MetadataServiceTest.cls.’
  • Create a new Apex class, ‘CreateCustomObject.cls.’

Execute the code in execute anonymous window to create the custom object.


Try to utilize the other methods from the class as well.

Yeshas Konduru
Date 04/11/2023

Salesforce Summer’21 release Highlights / Development / Administration

Install More Custom Fields

Custom fields limit has been increased from 500 to 900.

We can create up to 800 custom fields and can also have 100 fields from the managed package.

Set Expirations for Assignments on Permissions in Permission Sets and Permission Set Groups

When assigning users to a permission set or permission set group, select expiration dates that you specify. Control when a user’s permissions expire based on your business requirements.

We can also Set Expirations for Permission Set Groups

Convert the Read Only Standard Profile to a Custom Profile (Update, Enforced)

This update converts the Read Only standard profile to a custom profile, which allows you to edit permissions in this profile as your business needs require. This update was first available in Spring ’21 and is enforced in Summer ’21.

Securely Call the Visualforce Remoting API

The Visualforce Remoting API uses JavaScript to call methods in Apex controllers directly from Visualforce pages. To ensure that the API is properly secured, calls now have stricter validation. This update is enforced in Winter ’22

To improve security of the Visualforce JavaScript Remoting API, this update modifies how the CSRF token is created for the Visualforce $RemoteAction global variable. This validation adds more protection to API remoting calls by guest users. Also, this update validates the {“apexType”: “Object”} parameter used by the Visualforce $RemoteAction global variable against the Apex method parameter and throws an error if the apexType parameter is invalid. This validation prevents users from providing Apex objects they can’t access or providing Apex objects that don’t satisfy the Apex method parameter.

We recommend performing these testing steps in a sandbox environment to evaluate the release update’s impact and fix any validation errors before it’s auto-enabled in Winter ’22.

Actions to Asynchronous Apex Jobs Using Transaction Finalizers

The System.FinalizerContext interface contains four methods.

  1. getAsyncApexJobId
  2. getRequestId
  3. getResult
  4. getException

Require Multi-Factor Authentication for Logins to Subscriber Orgs (Update, Postponed)

This update is part of the Salesforce requirement that all customers enable multi-factor authentication (MFA) for their Salesforce products. Released in Winter ’21, this update was scheduled for auto-activation in Summer ’21, but that has been changed to Spring ’22 to align with the larger Salesforce requirement. This update secures access to subscriber orgs by requiring MFA when logging into the License Management Org (LMO).

Where: This change applies to the License Management Orgs used to support first- and second-generation managed packages. 232 Salesforce Summer ’21 Release Notes Packaging

When: Salesforce will enforce this update in Spring ’22. To get the major release upgrade date for your instance, go to Trust Status, search for your instance, and click the maintenance tab.

Why: This change provides subscribers who need assistance with their managed packages an extra layer of security by verifying the identity of the user accessing their org. This change also gives you more control and accountability over which users log into a subscriber org.

How: To test and apply this update, from Setup, in the Quick Find box, enter Release Updates, and select Release Updates. Locate Require Multi-Factor Authentication for Logins to Subscriber Orgs and follow the testing and activation steps. If the License Management Org session hasn’t been established using MFA, this update blocks attempts to access the Subscriber Support Console.

Update Guest User’s Email Address

When you create Salesforce site, Salesforce automatically creates a guest site user. In any site created before the Summer ’21 release, the email address for the site guest user record was that of the Salesforce user who created the site. After the Summer ’21 release, the system generates a dummy email address to use in the guest site user record.

Search : Apex Changes and New Items

Deleting Apex Classes / Apex Triggers from Production using Workbench

This is a rare scenario which we might face when not using any IDE or Source Control as part of the Salesforce Development.

In order to Delete Apex Classes / Apex Triggers from Production directly using Workbench, Follow the steps from this post and complete your task efficiently.

  1. Open Notepad
  2. Copy the below text and save it as “package.xml” (All files).
    (Update the Version number accordingly)
<?xml version="1.0" encoding="UTF-8"?>
<Package xmlns="">

3. Create another file, copy the below text and save it as “destructiveClasses.xml” (All files).
(Update the Version number accordingly)

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="">

The above file is based on assumption that you want to delete 2 Apex Classes and 2 Apex Triggers. Adjust based on your requirement.

Note: File names should be as mentioned in Point 2 and Point 3

4. Create a new folder with Name: “deleteClasses” and Drag & Drop the above 2 files.

5. Open the folder and Select those 2 files > Right Click and Select “Send To Compressed Folder

6. Name the Compressed folder as “

7. Open Workbench > Login with Org Credentials

8. Click on Migrate Tab and Choose Deploy

9. After clicking on Deploy
Select Check Only (For Validation before deployment)
Rollback On error
Single Package

10. If the validation is Success, Uncheck the “Check only” checkbox and continue the deployment.

Chandra [03/02/2021]

Salesforce CMS

What is salesforce CMS?
Salesforce CMS is a hybrid content management system, where you can curate and share content, manage multiple language versions of your content, and control who creates what. Use Salesforce CMS to create, manage, and deliver content from a central location, and then share that content across multiple channels. (Credits and Reference)

Advantages of CMS
1. Users having basic salesforce knowledge can create or update the content
2. Content can be updated multiple times as multiple versions and based on the business needs users can publish the appropriate content

Salesforce native CMS setup
1. Install CMS app exchange package

  • Create a CMS workspace that can be utilized across multiple communities


Salesforce Spring ’21 Highlights / KeyPoints / Non-Lightning

Protect Users from Insecure Downloads in Chrome

Broken Images, error results, error in attachments that are being hosted on a non-secure HTTP page.

We need to make sure that all the connections to and from Salesforce are HTTPS.

Build Customer Trust with the Error Handler System Dialog (Chat Bot)

This feature will be helpful in handling the errors that are occurred after initiated ChatBot. A more detailed description of errors for handling as required.

Refer the security URL in static resources

To maintain security, maintain the URLs in the Static Resources and refer in code.

View All, Modify All, Edit, and Delete Object Permissions Removed for Guest Users

 Need to check if the Guest User profile has the Permissions to Create, Read, Update Permissions on the related Objects

Obsolete Permissions from Guest User Profiles Were Removed

Permissions which are not tied to any App are removed from the Guest user Profile.

Guest Users can only have Create and Read only object permissions

Mixed Content Downloads Blocked in Google Chrome

An example of a mixed content download is placing a link to an HTTP site on a Salesforce HTTPS page. This is related to Insecure downloads in Chrome.

Convert the Read Only Standard Profile to a Custom Profile (Update in Summer ‘21)

 This update converts the Read Only standard profile to a custom profile. After the update is enforced, you can edit permissions in this profile as your business needs require.

The Read Only Profile Is No Longer Available in New Salesforce Orgs

Salesforce orgs created in Spring ’21 and later don’t have the Read Only standard profile.

Enable HTTPS on Your Domains

Needs to redirect the public site HTTP URLs to HTTPS

Make sure to check all the sites and Sessions settings – The checkbox Require secure connections (HTTPS) for all third-party domains should be checked.

Chandra V – 01/11/2021

How to resolve? This page has an error: Sorry to Interrupt

This page has an error. You might just need to refresh it. AuraClientService.postProcess: error in processing [Maximum call stack size exceeded].

As per the document, it is recommended to use different names for the client side and server side methods/actions.

Use unique names for client-side and server-side actions in a component. A JavaScript function (client-side action) with the same name as a server-side action (Apex method) can lead to hard-to-debug issues.

So all you need to do here is, change your client-side controller’s method getAccountRecords to something like getAccountRecordsData.

Yeshas K.

Deleting Related Records

The delete operation supports cascading deletions. If you delete a parent object, you delete its children automatically, as long as each child record can be deleted.

For example, deleting the account you created earlier (SFDC Account) will delete its related contact too.
Execute this snippet in the Anonymous Apex window of the Developer Console.

Account[] queriedAccounts = [
FROM Account 
WHERE Name='SFDC Account'
delete queriedAccounts;

Check the accounts and contacts in your org.
You’ll see that both the account and its related contact were deleted.

Yeshas K