Experience Cloud site configuration, LWC in communities, guest user security, and deployment strategies
From claude-sfdx-iqnpx claudepluginhub bhanu91221/claude-sfdx-iq --plugin claude-sfdx-iqThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Experience Cloud (formerly Community Cloud) enables building branded portals, forums, and websites on the Salesforce platform. Sites are built using Experience Builder with pre-built templates and customizable Lightning Web Components.
| Template | Use Case | Features |
|---|---|---|
| Customer Service | Support portal | Knowledge, Cases, Live Agent |
| Customer Account Portal | Self-service account management | Account details, order history |
| Partner Central | Partner relationship management | Leads, opportunities, deal registration |
| Help Center | Searchable knowledge base | Articles, categories, search |
| Build Your Own (Aura) | Fully custom Aura-based site | Maximum flexibility, Aura components |
| Build Your Own (LWC) | Fully custom LWC-based site | Modern stack, LWC components |
Rule: Choose "Build Your Own (LWC)" for all new sites. Use template-based sites only when the out-of-box features match requirements closely.
LWC components must declare the lightningCommunity__Page target to appear in Experience Builder.
<!-- myComponent.js-meta.xml -->
<?xml version="1.0" encoding="UTF-8"?>
<LightningComponentBundle xmlns="http://soap.sforce.com/2006/04/metadata">
<apiVersion>62.0</apiVersion>
<isExposed>true</isExposed>
<targets>
<target>lightningCommunity__Page</target>
<target>lightningCommunity__Default</target>
<target>lightning__RecordPage</target>
</targets>
<targetConfigs>
<targetConfig targets="lightningCommunity__Default">
<property name="title" type="String" label="Section Title" default="Welcome" />
<property name="recordsPerPage" type="Integer" label="Records Per Page" default="10" />
<property name="showHeader" type="Boolean" label="Show Header" default="true" />
</targetConfig>
</targetConfigs>
</LightningComponentBundle>
| Target | Description |
|---|---|
lightningCommunity__Page | Full page component in Experience Builder |
lightningCommunity__Default | Drag-and-drop component in Experience Builder |
lightningCommunity__Page_Layout | Page layout region component |
import { NavigationMixin } from 'lightning/navigation';
export default class MyComponent extends NavigationMixin(LightningElement) {
navigateToRecordPage(recordId) {
this[NavigationMixin.Navigate]({
type: 'standard__recordPage',
attributes: {
recordId: recordId,
objectApiName: 'Case',
actionName: 'view'
}
});
}
navigateToListView() {
this[NavigationMixin.Navigate]({
type: 'standard__objectPage',
attributes: {
objectApiName: 'Case',
actionName: 'list'
},
state: {
filterName: 'My_Open_Cases'
}
});
}
navigateToCustomPage() {
this[NavigationMixin.Navigate]({
type: 'comm__namedPage',
attributes: {
name: 'Custom_Page__c'
}
});
}
}
import communityId from '@salesforce/community/Id';
import communityBasePath from '@salesforce/community/basePath';
// communityId -- the Network ID of the current community
// communityBasePath -- URL path prefix (e.g., "/s" or "/customers")
Guest users access Experience Cloud sites without authentication. Security is critical.
The Guest User profile should have the absolute minimum permissions.
Configuration checklist:
Guest users operate under a special sharing context. Standard sharing rules do not apply to guest users by default.
Setup > Sharing Settings > Guest User Sharing Rules
Rules:
// Controllers used by guest users must be extremely restrictive
public with sharing class GuestArticleController {
@AuraEnabled(cacheable=true)
public static List<Knowledge__kav> getPublishedArticles(String category) {
// Strict parameter validation
if (String.isBlank(category)) {
throw new AuraHandledException('Category is required');
}
// Query only published, public articles
return [
SELECT Id, Title, Summary, ArticleNumber
FROM Knowledge__kav
WHERE PublishStatus = 'Online'
AND IsVisibleInPkb = true
AND Category__c = :category
WITH SECURITY_ENFORCED
LIMIT 50
];
}
}
Guest user Apex rules:
with sharingWITH SECURITY_ENFORCED or WITH USER_MODE@AuraEnabled(cacheable=true) for read-only operations to leverage CDN cachingExperience Cloud sites support CDN (Content Delivery Network) caching for performance.
Setup > Digital Experiences > Settings > Enable CDN
Cacheable content:
@AuraEnabled(cacheable=true) responsesNon-cacheable content:
For LWC components, use cacheable=true to signal that the response can be cached:
@AuraEnabled(cacheable=true)
public static List<Article__c> getArticles() {
return [SELECT Id, Title FROM Article__c WHERE Status__c = 'Published' WITH SECURITY_ENFORCED];
}
Rule: Mark all read-only, non-personalized Apex methods as cacheable=true. This enables both client-side wire caching and CDN caching.
support.company.com)Setup > Digital Experiences > All Sites > [Site] > Administration > Custom Domain
Rules:
support.company.com), not the root domainSalesforce CMS provides content management for Experience Cloud sites.
import { LightningElement, wire } from 'lwc';
import getContent from '@salesforce/apex/CmsContentController.getContent';
export default class ContentDisplay extends LightningElement {
@wire(getContent, { contentKey: '$contentKey' })
content;
}
CMS content can also be placed using the CMS components in Experience Builder without custom code.
Define audiences based on:
Create multiple variations of a page, each targeting a different audience.
Experience Builder > Page > Audience Targeting > New Variation
Use cases:
Experience bundles contain the site configuration, pages, themes, and component placement.
sf project retrieve start --metadata ExperienceBundle:My_Site --target-org myOrg
sf project deploy start --metadata ExperienceBundle:My_Site --target-org targetOrg
force-app/main/default/experiences/My_Site/
config/
My_Site.json (site configuration)
views/
home.json (page definitions)
login.json
themes/
My_Theme.json (branding, colors, fonts)
routes/
home.json (URL routing)
Rules:
Setup > All Sites > Publish)Community users (Customer Community, Partner Community) use the external OWD which defaults to Private.
| User Type | License | Object Access | Sharing |
|---|---|---|---|
| Customer Community | Customer Community | Cases, Contacts (own) | Account-based sharing |
| Customer Community Plus | Customer Community Plus | Broader object access | Sharing rules, manual shares |
| Partner Community | Partner Community | Leads, Opportunities | Role-based, account-based |
// Grant access to a record for a community user
AccountShare share = new AccountShare();
share.AccountId = accountId;
share.UserOrGroupId = communityUserId;
share.AccountAccessLevel = 'Edit';
share.OpportunityAccessLevel = 'Read';
share.RowCause = Schema.AccountShare.RowCause.Manual;
insert share;
Configure in Setup to grant community users access to records related to their account or contact.
Setup > Digital Experiences > Settings > Sharing Sets
Rule: Use Sharing Sets for standard access patterns. Use Apex sharing (manual shares) only for complex scenarios that Sharing Sets cannot handle.
without sharing in guest-accessible controllers. Always use with sharing for guest-facing code.cacheable=true for read-only community data. Missing CDN and caching benefits.