Thursday, May 28, 2026

Making OmniScripts Publicly Accessible: A Clear Guide

 The blog covers how to expose OmniScripts to external users via Experience Cloud (Salesforce portals/communities), but it jumps around between concepts. Here's what you actually need to do, in simple terms as mentioned in omnistudiofacts

The Three-Layer Permission Model

To make an OmniScript accessible to external users (like customers or partners using your Salesforce portal), you need to configure three permission layers.

1. Org-Wide Defaults (OWD) - Set Baseline Visibility

This controls what external users can see by default across your entire org. You need to:

  • Go to Setup → Sharing Settings

  • Click Edit on Organization-Wide Defaults

  • Search for all Omni-related objects (OmniProcess, OmniScript, etc.) and Vlocity objects

  • Set Default External Access to Public Read Only (or Public Read/Write if they need to create data)

Why this matters: Without this, external users are completely blocked from seeing OmniStudio elements, even if you grant other permissions.

2. Sharing Rules - Grant Access to Specific Records

OWD sets the baseline, but sharing rules open up access to actual OmniScript records. You need to create sharing rules for these objects:

  • Omni Process

  • Saved OmniScript

  • Vlocity OmniScript

  • Omni Data Transformation

  • Omni UI Card

  • Plus several DataRaptor-related objects (about 12 total)

How to set them up:

  • Go to Setup → Sharing Settings

  • For each object listed above, click New under its Sharing Rules section

  • Choose Guest user access, based on criteria

  • Set criteria: OwnerId or CreatedById Does Not Equal Null (this includes all records)

  • Share with: Your Experience Cloud community name

  • Access level: Read Only

Why this matters: Even if OWD allows visibility, sharing rules determine which specific OmniScript records external users can actually access.

3. Profile Permissions - Enable OmniStudio Features

The external user's profile (like "Customer Community User") needs these permissions enabled:

Critical permission:

  • Under General User Permissions, enable: "Enables consumers and partners to execute OmniScripts, DRs, and Cards through a Community or off the platform"

Additional permissions to grant:

  • Apex Class Access: Add all OmniStudio-related Apex classes

  • Custom Metadata Type Access: Enable OmniStudio custom metadata types

  • Object Permissions: Grant Read (and Edit if needed) on Omni/Vlocity standard and custom objects

Why this matters: This is the final switch that actually allows external users to execute OmniScripts - without it, nothing works even if data visibility is correct.


Below are not required but is recommended.









Posted by at
Labels: , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)