SF Org LiveSF ORG LIVE
FeedbackConnect Org

// User Guide

SF Org Live Documentation

SF Org Live connects to any Salesforce org and runs a comprehensive health assessment in ~2 minutes. This guide covers everything from connecting your first org to reading the findings and exporting results.

πŸ—ΊοΈ

Overview

SF Org Live performs 29 automated health checks across six categories and captures 27 metadata inventory views β€” all via read-only API calls. No data is extracted from your org, no records are read, and nothing is written back.

πŸ”’

Security & Access

Profiles, perm sets, OWDs, sharing

πŸ—οΈ

Data Model

Objects, fields, relationships, limits

βš™οΈ

Automation

Flows, WFRs, Process Builders, Apex

🧹

Technical Debt

Unused fields, hardcoded IDs, APIs

πŸ›οΈ

Governance

Undocumented objects, roles, naming

πŸ“Š

Platform Limits

API usage, storage, code size

πŸ”Œ

Connecting Your Org

Go to sforg.live/connect. Two authentication methods are available:

Method 1 β€” Username & Password (recommended)

1
Enter your Salesforce username (e.g. user@company.com)
2
Enter your password
3
Enter your Security Token β€” find it in Salesforce under Settings β†’ My Personal Information β†’ Reset My Security Token. The token is emailed to you.
4
Select Prod / DE or Sandbox at the top right.
5
Click Connect to Salesforce.

⚑ This method creates a new API login entry in your org's Login History (visible to admins). The source IP will be the SF Org Live server, not your laptop.

Method 2 β€” Session ID / Token Key

1
Log in to your Salesforce org normally in your browser.
2
Open Developer Console (gear icon β†’ Developer Console).
3
Go to Debug β†’ Open Execute Anonymous Window and run:
String sid = UserInfo.getSessionId();
System.debug('TOKEN_PART1: ' + sid.substring(0, sid.length() / 2));
System.debug('TOKEN_PART2: ' + sid.substring(sid.length() / 2));
System.debug('INSTANCE_URL: ' + Url.getOrgDomainUrl().toExternalForm());
4
Click Execute, then open the Logs tab. Find TOKEN_PART1 and TOKEN_PART2 β€” join them together to form your Session ID.
5
Paste the Session ID and Instance URL into the Token Key tab.

⚑ Session IDs expire when you log out of Salesforce. This method does NOT create a new Login History entry β€” it reuses your existing browser session.

πŸš€

Running an Assessment

After connecting, you land on the Dashboard. If no assessment has been run yet, you'll see a Run Assessment button.

1
Click Run Assessment β€” the button is at the top of the Dashboard page.
2
Wait ~2 minutes. A progress indicator shows which phase is running (connecting β†’ running checks β†’ capturing inventory β†’ building field index).
3
The dashboard populates automatically when complete. Results are saved β€” you don't need to re-run every visit.

What happens during an assessment

  • β†’29 health checks run in parallel (security, automation, tech debt, governance)
  • β†’27 metadata inventory views are captured and stored as snapshots
  • β†’Field dependency index is built β€” cross-referencing every custom field against Apex, Flows, page layouts, compact layouts, and field sets
  • β†’~778 Salesforce API calls total (well within Enterprise/Unlimited limits)

Developer Edition orgs: DE orgs have a 15,000 daily API call limit. An assessment uses ~778 calls, leaving room for ~19 assessments per day before hitting the limit.

πŸ“Š

Reading the Dashboard

The Dashboard is organized into 8 numbered sections. Each section gives you a focused view of a different aspect of org health.

01

Org Health Score

An overall 0–100 score weighted across all checks. Below 60 = significant issues. 60–80 = moderate health. Above 80 = well-maintained org. The score penalizes critical and high findings more heavily than medium/low ones.

02

Health Check Summary

A grid of all 29 checks showing pass/fail status. Green = passed. Red/orange = finding raised. Click any check to jump to its detail in the Findings page.

03

Platform Capacity

Gauges showing your current API usage (24h), data storage, file storage, async Apex, and platform events β€” all against their limits. Values below 1% show one decimal place (e.g. 0.1%) so they're never rounded to 0.

04

Technical Debt

A structured breakdown of automation and code debt. Shows active Workflow Rules and Process Builders (deprecated tools that should be migrated to Flow), active Flows, customer Apex classes (production vs test), customer triggers, hardcoded IDs/URLs, and classes on old API versions.

05

Security Posture

Profile β†’ Permission Set modernization score (% of permissions delivered via perm sets vs profiles), elevated privilege counts (Modify All / View All across profiles and perm sets), and active internal user count.

06

Object Complexity

A per-object complexity score based on triggers Γ— flows Γ— validation rules Γ— field count. High-complexity objects are the most likely sources of performance issues and governor limit errors. Sort by score to find your most complex objects.

07

Metadata Bloat

Shows custom field count per object as a percentage of the 500-field limit. Also shows the 'suspect' count β€” fields not referenced anywhere in Apex, Flows, validation rules, page layouts, or compact layouts.

08

Unused Field Candidates

Full drill-down of every custom field not found in any code or metadata source. Grouped by object. Click any object header to expand/collapse. These are candidates for cleanup β€” not guaranteed unused, but worth reviewing.

πŸ”

Understanding Findings

The Findings page lists every issue detected, sorted by severity. Each finding includes a title, description, recommendation, and the list of affected records.

Severity levels

Critical

Immediate risk β€” governor limit violations, SOQL/DML in loops, major security gaps. Fix these first.

High

Significant technical debt or security concern requiring near-term action.

Medium

Best practice violation or moderate risk. Should be addressed in the next sprint/quarter.

Low

Minor improvement opportunity. Address when convenient.

Info

Informational β€” no action required, but worth being aware of.

Check categories

β†’ automation β€” Flow health, WFR/PB deprecation

β†’ security β€” Profiles, perm sets, sharing, OWDs

β†’ data_model β€” Object/field limits, relationships

β†’ code_quality β€” API versions, hardcoded values

β†’ governance β€” Naming, documentation, roles

β†’ performance β€” Complexity scores, SOQL patterns

Top 5 Quick Wins

The bottom of the Dashboard shows the 5 highest-priority findings with direct links to their detail. These are the recommendations most likely to have the highest impact for the least effort β€” a useful starting point for a client conversation.

πŸ—„οΈ

Inventory Explorer

The Explorer tab gives you a full searchable, filterable table for each of the 27 metadata views. Think of it as a read-only Object Manager for your entire org's metadata.

Data Model

Custom Objects, Custom Fields, Standard Objects, Object Relationships, Record Types, Validation Rules, Object Limits Usage

Automation

Lightning Flows, Process Builders, Workflow Rules

Code

Apex Classes, Apex Triggers

Security & Access

Profiles, Permission Sets, Active Internal Users, Roles

User Interface

Visualforce Pages, Aura Components, LWC Components, Custom Tabs, Custom Labels

Settings & Resources

Named Credentials, Remote Site Settings, Static Resources, Email Templates, Org Profile

Key inventory views explained

Custom Fields

Every custom field across all objects, with Label, Type, namespace, created date, and last modified date. Fields older than 3 years are highlighted amber in Excel export. Includes the isTest column for Apex classes.

Lightning Flows

Active flows only, with proper type classification: Record-Triggered (Before/After Save), Scheduled, Platform Event, Screen Flow, Auto-launched. Shows the trigger object for record-triggered flows.

Object Limits Usage

Per-object counts for custom fields, relationships, rollup summaries, validation rules, workflow rules, and approval processes β€” sorted by worst percentage used so the most at-risk objects appear first.

Object Relationships

Every lookup, master-detail, and relationship between objects, useful for impact analysis before deleting fields or refactoring object architecture.

πŸ“₯

Export Options

All inventory data can be exported to Excel. The export is accessible from the Explorer tab.

Full Excel export (all 27 views)

1
Go to the Explorer tab.
2
Click Download All (Excel) at the top right.
3
The file downloads immediately β€” named OrgName_inventory_YYYY-MM-DD.xlsx.

What's in the Excel file

Key Findings sheet β€” all findings sorted by severity with colour-coded rows (red = critical, orange = high, yellow = medium, blue = low, green = info). Includes title, description, recommendation, and affected record count.

Summary sheet β€” one row per view with total record count and a smart breakdown (e.g. "81 prod Β· 34 test Β· 992 managed" for Apex Classes).

One sheet per inventory view β€” all 27 views as individual tabs with Salesforce-blue headers, frozen top row, auto-filter, and threshold-based row highlighting.

Row highlighting in Excel

Custom Objects

Red if >100 fields, amber if >50

Profiles / Perm Sets

Red if Modify All, amber if View All

Apex Classes / Triggers

Red if API <v40, amber if <v50

Workflow Rules

Amber β€” all rows (deprecated tool)

Process Builders

Amber β€” all rows (deprecated tool)

Roles

Red if depth >5, amber if depth >3

Custom Fields

Yellow if not modified in 3+ years

Apex Classes grouping

Customer prod β†’ test (green) β†’ managed (grey)

πŸ”

Security & Privacy

What SF Org Live accesses

  • βœ“Metadata only β€” object definitions, field names, code structure, flow names, user counts
  • βœ“Org configuration β€” profiles, permission sets, roles, sharing settings
  • βœ—No record data β€” no Account records, Contact names, Opportunity amounts, or any business data
  • βœ—No writes β€” the connection is entirely read-only
  • βœ—No data stored beyond the metadata snapshot β€” credentials are encrypted at rest

Login History visibility

Username/Password method: Creates a new Login History entry visible to org admins. Login Type shows as "Remote Access 2.0" / API. Source IP is the SF Org Live server (not your laptop's IP).

Session ID method: Does NOT create a new Login History entry β€” it reuses your existing browser session. The API call count increases but no new login is logged.

Corporate network warning

If you see "connection not secure" on your office network, this is your company's SSL inspection proxy (Zscaler, Netskope, etc.) intercepting HTTPS traffic β€” not an issue with SF Org Live. The app has a valid SSL certificate. Use your personal device or hotspot if this happens.

❓

Frequently Asked Questions

How long does an assessment take?

Typically 90–120 seconds for a standard org. Larger orgs with many layouts (200+) or flows may take up to 3–4 minutes. The field dependency indexer is the most time-intensive step.

Can I run multiple assessments on the same org?

Yes. Each run creates a new assessment record. Previous results are accessible by URL β€” go to Supabase to find older assessment IDs if you need to compare.

Does it work on sandboxes?

Yes. Select 'Sandbox' in the environment toggle on the connect page before entering credentials.

Why does Standard Objects show 1000+ objects?

It shouldn't after the latest update β€” the view filters to match what Salesforce Object Manager shows (createable + searchable objects only), which is typically 40–80 standard objects. If you see 1000+, re-run the assessment to pick up the latest filter.

Why are some fields showing as 'unused' when I know they're used?

The field indexer scans Apex, Flows, Validation Rules, Page Layouts, Compact Layouts, and Field Sets. If a field is used in a Report, a List View formula, a process not captured by the indexer, or populated via integration, it won't appear as referenced. Treat 'unused candidates' as a starting-point list, not a definitive answer β€” always verify in the org before deleting.

My client's org has a security team β€” can I use this?

Yes, with appropriate authorization. Get explicit written approval from the client before connecting. The Session ID method is the 'quieter' option (no new Login History entry). Consider sharing the Security & Privacy section of this guide with their security team before running.

Can my team share an assessment?

Currently each assessment is tied to the session that ran it. To share results, use the Excel export or share your screen. Multi-user access is on the roadmap.

How do I provide feedback or report a bug?

Use the Feedback page at sforg.live/feedback. Feature requests, bug reports, and general thoughts are all welcome β€” every submission is reviewed.

Ready to assess your org?

Connect in 30 seconds. Results in 2 minutes.

⚑ Connect Salesforce Org β†’