Salesforce has announced that it is making some major updates to Salesforce CLI that will change the way sensitive information is handled. This includes redacting credentials in normal command outputs and JSON responses, and requiring the use of new, separate commands for viewing credentials going forward.
These changes have become available in the Salesforce CLI release candidate (RC) version as of yesterday, and will roll out to the latest production release next Wednesday, May 27.
What You Need to Know
Mitch Spano, the Director of Product Management at Salesforce, took to LinkedIn yesterday to explain that Salesforce would be making important security changes affecting Salesforce CLI. Specifically, the Salesforce CLI team is changing how sensitive authentication artifacts like access tokens, passwords, and the SFDX Auth URL parameter are returned in command outputs.
“To protect against accidental credential exposure (especially in modern AI-assisted and agentic workflows), we are redacting these secrets from the standard human-readable and --json outputs of existing commands like sf org display,” he wrote.
“Instead, we’re shifting to an explicit model where you have to use new, dedicated commands specifically designed for credential retrieval.”
The impacted commands span the plugin-org, plugin-user, and plugin-auth contexts. Specifically, these commands will now redact any sensitive data such as the Access Token, Auth URL, and Password:
- sf org display
- sf org list
- sf org create scratch
- sf org resume scratch
- sf org display user
- sf org list users
- sf org login jwt
- sf org login web
- sf org login sfdx-url
- sf org login access-token
- sf org list auth
Going forward, developers will need to move to the new dedicated interactive retrieval commands to retrieve sensitive information. For example:
- Use sf org auth show-access-token to access the Access Token in a supported command.
- Use sf org auth show-sfdx-auth-url to access the Auth URL in a supported command.
- Finally, use sf org auth show-user-password to access the password in a supported command.
These commands are interactive and will display a security warning by default. If you’re planning on using these commands in non-interactive environments – like your CI/CD – then you’ll need to append --json or --no-prompts to your command as well.
For more information and context, we highly recommend reading the GitHub issue page detailing the change.
Mitch also highlighted that a “temporary environment variable workaround” would be available to prevent immediate pipeline breakage, but that it would also be strictly decommissioned in Summer 26.
“We tried our absolute best to be thoughtful about this rollout,” he wrote on LinkedIn.
“We built a temporary environment variable workaround (SF_TEMP_SHOW_SECRETS=true) to give you a buffer so your pipelines don’t immediately break next Wednesday, and we’re being as proactive as possible with our communication. Ultimately, keeping the ecosystem secure by default is our top priority, and I wanted you to hear about this directly from me so you have time to prepare.”
SF Ben has reached out to Salesforce for comment.
Why Is This Happening Now?
According to Mitch, these changes are part of a “long-term goal to lock down the CLI as tightly as possible”. Not only that, but he has stated that a recent security review identified elevated risks associated with sensitive credentials being exposed through standard CLI workflows.
Historically, these outputs have been designed for the convenience of developers, but as development environments get more complex and face new challenges and considerations due to AI, they now present a heightened risk.
“AI coding agents and automated systems often store execution logs in plain text,” he wrote. “If an AI agent executes a standard command that returns a credential, that secret may be permanently recorded in unencrypted chat history.
“To align with broader platform security goals, we are shifting toward an explicit model for retrieving a credential that requires deliberate user intent and is clearly labeled as a high-risk operation.”
This announcement comes less than a week after Amnon Kruvi, the Director of Salesforce advisory at The Artitech Club, took to LinkedIn himself to share his concerns about Salesforce CLI’s security posture.
“Salesforce bet all its chips on the SF CLI for Headless 360,” he wrote. “Mark my words: this time two years from now, this will be a hot topic they’ll come to regret.
“The CLI is the most insecure tool the platform has. Worse than any connected app. ShinyHunters are going to go on a pwnage spree not seen since the early .com bubble.”
The hacking group ShinyHunters has been conducting a string of data breaches impacting numerous Salesforce customers since last year, showing few signs of stopping. This effort from Salesforce appears to be part of a wider security push to keep orgs and connected apps as watertight as possible, especially as the community has become increasingly vocal with its concerns.
What Do I Need To Do?
Salesforce has confirmed that, as of today, the first step you need to take is to review your internal CI/CD scripts for any exposure dependencies.
May 27, 2026, marks the official production release, where secrets are removed from existing commands. Salesforce says that if your pipelines break, you must deploy the temporary env variable workaround immediately.
By summer 2026, the temporary environment variable will be completely removed. It must be stressed that workflows need to be updated to the new dedicated commands by this date.
Salesforce has also explained that if you cannot rewrite your pipelines before May 27, you can inject a temporary environment variable into your CI/CD environment to maintain legacy behavior. For more information on this and the subsequent permanent migration, you should consult the official GitHub page.
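The two practical steps above (review CI/CD scripts for lines that depend on secrets in CLI output, then move each one to the dedicated retrieval command with --json for non-interactive use, leaning on the temporary environment variable only where you must) can be scripted. The following is an added example written for this article, not code from Salesforce or the CLI team. It assumes that pipelines extract secrets from --json output with jq using the key names accessToken, sfdxAuthUrl and password, and that the new commands accept --json as the article states; the sample CI script it scans is constructed.

```shell
#!/bin/sh
# Added example, not Salesforce's code: find the lines in a CI/CD script that
# read credentials out of Salesforce CLI output (which the May 27 release will
# redact) and suggest the dedicated command that replaces each one.

# Commands named in the announcement whose standard and --json output will no
# longer carry the Access Token, Auth URL or Password.
REDACTED_CMDS='sf org (display|list|create scratch|resume scratch|login jwt|login web|login sfdx-url|login access-token)'

# JSON fields a pipeline typically pulls out with jq. The key names accessToken,
# sfdxAuthUrl and password are an assumption for this example.
SECRET_FIELDS='accessToken|sfdxAuthUrl|password'

# find_secret_dependencies: read a script on stdin and print (with line numbers)
# every line that runs one of the redacted commands and reads a secret field
# from it. Returns 1 when at least one such line exists, so a CI job can fail.
find_secret_dependencies() {
  hits=$(grep -nE "$REDACTED_CMDS" | grep -E "$SECRET_FIELDS" || true)
  [ -n "$hits" ] || return 0
  printf '%s\n' "$hits"
  return 1
}

# count_secret_dependencies: same scan, but print only the number of hits.
count_secret_dependencies() {
  find_secret_dependencies | grep -c .
}

# suggest_replacement <line>: map the secret a line extracts to the dedicated
# retrieval command from the announcement, with --json appended because the
# new commands are interactive by default (the article says --json or
# --no-prompts is needed in CI/CD). Returns 1 for a line that reads no secret.
suggest_replacement() {
  case "$1" in
    *accessToken*) echo 'sf org auth show-access-token --json' ;;
    *sfdxAuthUrl*) echo 'sf org auth show-sfdx-auth-url --json' ;;
    *password*)    echo 'sf org auth show-user-password --json' ;;
    *)             return 1 ;;
  esac
}

# with_legacy_secrets <command...>: run a single command with the temporary
# workaround variable set for that process only, so the rest of the pipeline
# keeps the redacted-by-default behaviour and the variable never leaks into
# later steps or logs. Salesforce says the variable is removed in Summer '26.
with_legacy_secrets() {
  env SF_TEMP_SHOW_SECRETS=true "$@"
}

# Constructed sample CI script (not a real pipeline) for the audit to run on.
# Lines 3 and 4 depend on secrets in `sf org display` output; the others do not.
SAMPLE_CI_SCRIPT='#!/bin/sh
sf org login jwt --username "$SF_USER" --client-id "$SF_CLIENT_ID" --jwt-key-file server.key --alias ci-org
TOKEN=$(sf org display --target-org ci-org --json | jq -r .result.accessToken)
AUTH_URL=$(sf org display --target-org ci-org --verbose --json | jq -r .result.sfdxAuthUrl)
sf org list --all
sf project deploy start --target-org ci-org'

# report: print each dependent line of the sample script with its replacement.
report() {
  printf '%s\n' "$SAMPLE_CI_SCRIPT" | find_secret_dependencies | while IFS= read -r hit; do
    printf 'line %s: %s\n  migrate to: %s\n' "${hit%%:*}" "${hit#*:}" "$(suggest_replacement "$hit")"
  done
}

report
```

Run it against a real script with `find_secret_dependencies < deploy.sh`; a non-zero exit means the pipeline will stop working on May 27 unless those lines are migrated or wrapped in with_legacy_secrets. Keeping the workaround scoped to one invocation, rather than exporting SF_TEMP_SHOW_SECRETS for the whole job, limits how long the legacy behaviour is in effect and makes the remaining call sites easy to find when the variable is decommissioned.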
How the Community Is Reacting
It is clear that Salesforce anticipated a strong reaction to these changes, with Spano apologizing for “the disruption and friction this is going to cause […] teams.” These changes have the potential to completely break CI/CD pipelines.
“This is a needed update to the CLI, which significantly improves security and provides a way to ensure that you can prohibit any AI agents or tooling from accessing credentials that you don’t want exposed,” Paul Battisson, the Founder and CEO of Groundwork Apps, told SF Ben. “It is a very quick turnaround for users though, for sure.”
“I think here Salesforce is stuck a little between a rock and a hard place of fixing what is a security flaw as quickly as possible, whilst also ensuring that CLI users are aware of the update and have enough time to fix their CI/CD pipelines and other tools using this process.”
Amnon told SF Ben that he believes this is a good first step.
“I’ve been vocally critical over some of the recent changes Salesforce has made to the platform in the name of security – but in this case, I actually feel rather calm,” he said. “The announcement made clear that there will be a replacement, dedicated function to retrieve org credentials. Functionality is not being taken away but just… reshuffled a little.”
He did, however, admit he had architectural concerns about the matter.
“The CLI holds permanent credentials to a multitude of orgs,” he said. “You log in once, access is forever. You can have old environments that haven’t been touched in months, and they’d still work.”
“Salesforce customers have been targeted by hacker groups like ShinyHunters. But whereas up until now the hacks have been against individual orgs, the CLI opens up a scary possibility: one hack against a consultancy could open up a doorway to dozens of different orgs.”
He told SF Ben that he anticipated a longer-term solution in which the CLI would require second-factor authentication before connecting to an org for the first time within a set number of hours.
“Of course, such a solution will break CI/CD pipelines all over the world, which is why I expect Salesforce to separate the CI/CD commands from the developer commands,” he said.
Summary
Salesforce customers now have less than a week to get up to speed with these new CLI updates, so it is imperative that action is taken now. The ongoing security risk of credentials in CLI output and the possibility of a broken CI/CD pipeline are too much to ignore.
If you have any feedback on these changes, consider reporting them to Salesforce through its discussion forum. The CLI team is also considering hardening the security of SFDX Auth URLs by enforcing a strict expiration window on the underlying refresh tokens, so there is no better time than now to get your thoughts on the matter heard.