function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Lakshya KanchanLakshya Kanchan 

Scenario to check if org has Shield Encryption enabled

Hi

I have a business requirement wherein I need to check whether the org has Shield Encryption enabled or, not.

I need to have some apex code, SOQL query or, SFDX CLI command to check if the feature is being used in the org or, not.

Regards,
Lakshya
SwethaSwetha (Salesforce Developers) 
HI Lakshya,
This question was posted earlier https://salesforce.stackexchange.com/questions/118215/how-to-check-for-platform-encryption

Try 
sObjectType.Contact.fields.Name.isEncrypted()

If this information helps, please mark the answer as best. Thank you
Lakshya KanchanLakshya Kanchan
Hi Swetha

Thanks for the response.

But the issue is that we want to have it checked as a general way.

With the approach you are suggesting, we need to check it for all fields of all the objects, which will make it lenghty.

Do we have any optimal approach for it?

Regards,
Lakshya
SwethaSwetha (Salesforce Developers) 
>> You could alternately fetch all the fields that are encrypted in your org using  below code 
for (Schema.SObjectType object_i : Schema.getGlobalDescribe().values()) {
    for (Schema.SObjectField field_i : object_i.getDescribe().fields.getMap().values()) {
        if (field_i.getDescribe().isEncrypted()) {
            system.debug(object_i.getDescribe().name + ': ' + field_i.getDescribe().getName());
        }
    }
}
https://salesforce.stackexchange.com/questions/268078/way-to-see-all-encrypted-fields-in-salesforce

>>In non-Dev edition orgs wherein you have purchased license, you can check the Setup menu and see encryption options available (Encryption Policy , Advanced settings ).These are enabled in dev editions orgs by default.

>> You could query the TenantUsageEntitlement object or the TenantSecret object.  
system.debug('$$$'+[SELECT AmountUsed,EndDate FROM TenantUsageEntitlement]);
These have an entry when the shield is enabled in your org.

>> You can reach out to your account executive for confirmation on enablement.

If this information helps, please mark the answer as best. Thank you
 
Lakshya KanchanLakshya Kanchan
Hi Swetha

Thanks for the update.

The code for checking encryption in every field of every object seems time consuming, so isnt looking suitable.

The query you did on TenantUsageEntitlement is also giving result even if the client is using some other feature of Shield Encryption like Event API Monitoring and not the Field Encryption feature.

Are there any other options available to check this?

Awaiting your response.

Regards,
Lakshya