API Only Users Can Access Only Salesforce APIs (Previously Released Critical Update)

If a user has the API Only User permission, they can access Salesforce only via APIs, regardless of their other permissions. This critical update was created in the Spring ’19 release, but we neglected to mention it in the Spring ’19 release notes.

When: Salesforce will automatically activate this critical update on the auto-activation date listed on the Critical Updates page in Setup.

Who: This change affects users with the API Only User permission.

How: To test this critical update, we recommend working in a sandbox.

  1. From Setup, enter Critical Updates in the Quick Find box.
  2. Select Critical Updates.
  3. Review the details for the “API Only Users Can Access Only Salesforce APIs” critical update.
  4. Click Activate.
  5. If any user can't access the Salesforce UI, ensure that they don’t have the API Only User permission enabled.