Login Flows
Login Flows is a Setup feature that allows administrators to associate Flows with the login process, executing custom business logic after a user authenticates but before they access Salesforce.
Definition
Login Flows is a Setup feature that allows administrators to associate Flows with the login process, executing custom business logic after a user authenticates but before they access Salesforce. Login Flows can collect additional information, enforce custom security checks, or route users to specific pages based on their profile or IP address.
In plain English
“Here's a simple way to think about it: Login Flows lets you intercept the moment a user authenticates. Run a Flow after authentication but before the user reaches their home screen - collect missing user info, accept terms, route by IP, enforce custom MFA logic.”
Worked example
The admin at Granite Financial creates a Login Flow that checks whether a user's security training certification has expired. If expired, the Flow redirects them to a training completion screen before allowing access to the org. Users with current certifications proceed to the home page normally. This ensures 100% compliance with the company's annual security training requirement.
Why Login Flows let you intercept the moment a user authenticates
Authentication is the most reliable trigger in the platform - every user hits it, exactly once per session, no exceptions. Login Flows uses that fact. Associate a Flow with a profile, and Salesforce runs that Flow after authentication but before the user reaches their home screen. Use it to enforce custom MFA logic, accept just-updated terms of service, route users by IP or geography, prompt for missing user-record fields, or anything else that needs to run reliably at session start.
The trade-off is that any Flow you put here delays login by at least the flow's runtime, and a broken flow can lock users out of the org until you disable it. Build Login Flows defensively: timeout-tolerant, error-handled, fail-open for the cases where blocking login is worse than skipping the check. Test on a non-admin profile in a sandbox before any production rollout.
How organizations use Login Flows
Login Flow forces users to accept updated HIPAA-compliance attestations annually; the flow captures the acceptance with timestamps for audit.
New-hire flow collects missing user-record fields on first login; HR data quality improved without manual chasing.
IP-based routing in Login Flow directs international users to region-appropriate landing pages.
Trust & references
Straight from the source - Salesforce's reference material on Login Flows.
- Custom Login FlowsSalesforce Help
Test your knowledge
Q1. In which area of Salesforce would you typically find Login Flows?
Q2. What is the primary benefit of Login Flows for Salesforce administrators?
Q3. Why is understanding Login Flows important for Salesforce admins?
Discussion
Loading discussion…