**Article Regularly Updated**
This article is regularly updated. Latest material changes/updates appear at the top with timestamps. We recommend bookmarking this page. You will also receive email notifications as material updates are posted.
👉Update 11/05/2026 7:00AM AEST
[11/05/2026] — Payments2us 11.4 Production Deployment Successful - Action Required by your Salesforce Admin
We are pleased to inform you that the Payments2us 11.4 release was successfully deployed to your production org. Please work with your Salesforce Administrator to perform the re-authorisation steps mentioned below. Once your Salesforce org has been re-authorised, all operations should return to normal.
Note: You may see green text saying "the account has already been Authorised"; ignore it and re-authorise by clicking the "Authorise Payments2us" button and following the steps.
ℹ️ Monitoring for Authorisation Issues
For those who want to keep an eye on authorisation health in their org, we recommend navigating to “Error Logs — Payments2us” and switching to the List View "Payments2us Auth Errors", sorted by Created Date — bookmark this for easy access going forward.
If you see "Missing Authorisation Details" or similar errors appearing, please repeat the re-authorisation steps. Should this happen repeatedly, please log a support case with us so we can investigate further.
We are monitoring the deployment closely and will update this article immediately if anything changes. Thank you for your patience throughout this process.
👉Update 08/05/2026 9AM AEST
[08/05/2026] — Payments2us 11.4 Release Confirmed — Sandbox Friday May 8, Production Monday May 11
We have some important news to share. Our team has completed internal testing for Release 11.4 and we are ready to move. The deployment schedule for both Sandbox and Production environments is now confirmed.
Before we get into the detail, it is worth explaining how the push process works so you know what to expect. When we initiate a push upgrade, Salesforce takes over the distribution and propagation of the new package across all affected orgs. Based on our past experience, this process typically takes a couple of hours — and during that time, as well as until your Salesforce Administrator completes the re-authorisation step afterwards, Payments2us will not be fully operational in your environment. This is expected, temporary, and outside our control once the push is initiated.
Sandbox Release — Friday, 8 May 2026
We will initiate the Sandbox push at 12:00 PM AEST on Friday, May 8. Based on past experience the propagation process typically takes a couple of hours, though this may vary as it is managed entirely by Salesforce. We estimate the upgrade will be available in your Sandbox org by approximately 2:00 PM AEST.
Your Salesforce Administrator can complete the re-authorisation step at a time that suits you (from approximately 2:00pm AEST onwards). Think of this as a good opportunity to familiarise yourself with the process ahead of Monday — it is not mandatory to action immediately, but it is required for Payments2us to continue operating in your Sandbox environment. No further notification will be sent following the Sandbox push.
Production Release – Monday, 11 May 2026
We will initiate the Production push at 5:30 AM AEST on Monday, May 11. Based on past experience the propagation process typically takes a couple of hours, though timing may vary as it is managed entirely by Salesforce. We estimate the upgrade will be available in your Production org by approximately 7:30 AM AEST — however, please do not attempt re-authorisation until you receive our email confirming the push is complete across all orgs.
Once we have confirmed that all orgs are successfully showing Release 11.4 and propagation is complete, we will send a confirmation email. Please wait for that email before your Salesforce Administrator begins the re-authorisation process.
FAQs
A. What is the re-authorisation step and how do I do it?
Once the deployment is confirmed complete, your Salesforce Administrator should follow Step 5 of our How to Authorise Payments2us guide. This is the same process for both Sandbox and Production and should take no more than 10 minutes.
Note: You may see green text saying "the account has already been Authorised"; ignore it and re-authorise by clicking the "Authorise Payments2us" button and following the steps.
B. What is the total expected downtime?
The total downtime has two components:
a) Salesforce propagation — once we initiate the push, Salesforce manages the rollout across your org. Based on past experience this typically takes around 2 hours. This is outside our control and cannot be shortened or predicted with precision. This is why we have estimated completion at approximately 7:30 AM AEST above.
b) Re-authorisation window — once the push is complete, Payments2us will not be fully operational until your Salesforce Administrator completes the re-authorisation step. This should take no more than 10 minutes. The sooner your Administrator acts after receiving our confirmation email, the shorter this window will be.
The combination of both components represents the total downtime for Payments2us in your environment.
C. What will not work during the downtime period?
During the downtime period, the following areas are likely to be affected:
- Public Site Checkout Forms will not function during the downtime period.
- The Payment Complete webhook will not operate during the downtime period.
- Stripe webhooks may not be able to update Payment Transactions during the downtime period. Stripe generally retries failed webhook deliveries automatically after some time.
- PayPal webhooks will also be impacted during the downtime period. PayPal typically retries webhook deliveries automatically, so missed events should be processed once the downtime has ended.
- Shopify webhooks will also be temporarily affected during the downtime period. Shopify generally retries failed webhook deliveries automatically, and pending events should be processed after the downtime window.
Note: The downtime will not impact the recurring payments processor.
D. Can anything be done to reduce the downtime?
The Salesforce propagation period is outside our control and cannot be shortened. However, we have deliberately scheduled the Production push for 5:30 AM AEST — before standard business hours — so that propagation completes and your Administrator can complete re-authorisation at the start of the working day, minimising any impact on your operations.
👉Update 06/05/2026 5:30 PM AEST
[06/05/2026] — Sandbox Service Advisory
Our development team is currently conducting critical testing of the v11.4 release in our Sandbox environment. To prepare for the upcoming mandatory Salesforce security changes, we have temporarily enabled PKCE and RTR on the Payments2Us Sandbox Connected App.
While this testing is underway, you may experience intermittent downtime or "Re-Authorization" errors within your own Sandbox environments. This work is a vital step in ensuring a seamless transition for the upcoming production push. We expect to deploy v11.4 to Sandboxes soon or disable these settings once testing is finalised.
We apologize for any disruption to your testing schedule in sandboxes. Please note: Production environments are unaffected and remain fully operational.
👉Update 05/05/2026 11AM AEST
[05/05/2026 11:00 AM] — Article published. Initial guidance for v11.x customers. See below.
A. What is happening?
Salesforce has issued a mandatory security directive requiring all apps on the AppExchange to implement new OAuth security standards — specifically PKCE (Proof Key for Code Exchange) and Refresh Token Rotation — across every Connected App and External Client App on its platform. This is not specific to Payments2us. Every ISV on the AppExchange is subject to the same requirements, with a hard enforcement deadline of May 11, 2026.
Salesforce issued the final enforcement advisory on April 29, 2026, giving the ISV community less than two weeks to implement what is a fundamental architectural change. Like many in the Salesforce partner community, we were given very little notice. Our engineering team mobilised immediately and has been working at full capacity since to build these mandated security changes into our upcoming release, which at this stage is anticipated to be Release 11.4 (note: release number subject to final confirmation).
At Payments2us, we take our obligations to Salesforce's security standards seriously. Where security is concerned, we do not wait — we comply. Release 11.4 is being built specifically to ensure your org remains secure, compliant and fully operational beyond May 11.
B. Does this affect me?
Yes — but not in the way you might expect. Because you are on v11.x, you are on a supported and current version of Payments2us. Our team is handling all of the technical code changes entirely on our end. This article is here to keep you informed and prepared.
That said, it is important to understand the stakes: if Release 11.4 is not successfully pushed to your org by May 11, Payments2us will cease to function in your environment — including all payment processes and any business processes that depend on the application. This is why we are working urgently to ensure the release lands on every org by May 11.
C. What action do I need to take right now — and what happens after Release 11.4?
As a customer on v11.x, you are in a better position than most. The technical work is entirely on our side; however, there are a couple of things we want you to be aware of and prepare for so that when Release 11.4 lands, your org is back up and running as quickly as possible.
We are now expecting to push Release 11.4 on Monday May 11. When the push occurs, there will be a period of downtime for Payments2us in your org while the new security changes take effect. This is expected and temporary.
Here is what we are anticipating will need to happen on your side after the push:
- Re-authorisation of the Payments2us app. Once Release 11.4 has landed in your org, your Salesforce Administrator will need to complete a re-authorisation step to reconnect Payments2us with your Salesforce org under the new security standards. This is a one-time process and we expect it to take no more than 10 minutes. Until this is completed, Payments2us will not be operational in your environment.
- How to prepare now. We recommend letting your Salesforce Administrator know this is coming. We will publish the full step-by-step re-authorisation process in this article on or before May 8 — bookmark this page so your admin has it ready to go the moment the push lands. The sooner the re-authorisation is completed after the push, the sooner your org is back up and running.
Again, we will update this article with timestamped entries as things progress and will notify you by email when material updates are posted, including when the re-authorisation guide is live.
We do not anticipate any issues once re-authorisation is complete and expect business to continue as usual. Your payment processes, configurations and data should not be affected. That said, we ask that you stay close to this article and our email updates in the days following the push — if anything unexpected arises, we will communicate it here immediately and work through it together with you.
D. What is happening on May 11?
As outlined above, May 11, 2026 is Salesforce's hard enforcement deadline and we are targeting this date for the Release 11.4 push to all v11.x orgs. We cannot confirm an exact time at this stage. What we can confirm is that when the push occurs, it is likely to be a rollout across Sandbox and Production environments. We may push to Sandbox a day or two prior, with Production following on May 11.
We want to be transparent: our normal protocol is to push to Sandbox first, giving customers at least 3 weeks of testing time before the Production push. On this occasion, the deadline Salesforce has given us left no room for a staged rollout. We are testing the release thoroughly on our end and our goal is for this transition to be as seamless as possible.
We will update this article and notify you by email as soon as we have a confirmed time for the push.
There are two important exceptions to be aware of:
- If you have previously opted out of push updates, you will not automatically receive Release 11.4 — and without it, Payments2us will cease to function in your org after May 11, which means your payment processes and any business processes that depend on Payments2us will stop working. Please email us immediately at support@payments2us.com to re-include yourself for push updates. Do not delay.
- If your org is on v9.x or v10.x, this article is not intended for you until you have upgraded to the latest stable release on v11.x. We sent a separate and urgent email to those customers on May 4, 2026. If you did not receive it, please contact us at support@payments2us.com with urgency.
E. Will there be any disruption/downtime to my org?
There will be a period of unavoidable downtime on May 11 while the release takes effect. Once we initiate the push, Salesforce typically takes a couple of hours to propagate the release at org level. Once that is confirmed, your Salesforce Administrator will need to complete the re-authorisation process which we expect to take no more than 10 minutes. The combination of these two steps represents the total downtime window for Payments2us in your environment.
On or before May 8, we will send an email confirming the exact time we plan to initiate the push on May 11 — we recommend sharing this with your Salesforce Administrator and any relevant stakeholders so they can plan accordingly. Please note that once we initiate the push, the propagation time at org level is managed by Salesforce and may vary, though in most cases this is a couple of hours.
Outside of this window, our goal is zero disruption. Release 11.4 is being built and tested specifically to land cleanly on all v11.x environments. We will communicate immediately via both this article and email if anything changes.
F. What is this security change about — and why is Salesforce doing this?
In early 2025, a significant security breach affecting multiple Salesforce-connected applications exposed how vulnerable static, long-lived authentication tokens can be. Once compromised, those tokens gave attackers persistent access to customer Salesforce environments across hundreds of organisations.
In response, Salesforce has mandated two core security changes across its entire platform:
PKCE (Proof Key for Code Exchange) is a security extension to the OAuth login process. In simple terms, it ensures that even if an authorisation code is intercepted during login, it cannot be used by anyone other than the application that originally requested it. It makes the initial handshake between Payments2us and your Salesforce org significantly more secure.
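The check PKCE adds, as an added illustration in Python (not Payments2us or Salesforce code): a hypothetical in-memory `ToyAuthServer` stores the challenge sent with the authorisation request and issues a token only to the caller that presents the matching verifier. The S256 transform follows RFC 7636; the class, function and token names are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import secrets


def s256(code_verifier):
    """code_challenge = BASE64URL(SHA256(code_verifier)), no padding (RFC 7636)."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class ToyAuthServer:
    """Hypothetical in-memory authorization server, for illustration only."""

    def __init__(self):
        self._pending = {}  # authorization code -> code_challenge

    def authorize(self, code_challenge):
        # Front channel: the client sends only the challenge, never the verifier.
        code = secrets.token_urlsafe(16)
        self._pending[code] = code_challenge
        return code

    def exchange(self, code, code_verifier):
        # Back channel: the code is single use and needs the matching verifier.
        challenge = self._pending.pop(code, None)
        if challenge is None:
            return None
        if not hmac.compare_digest(s256(code_verifier), challenge):
            return None
        return "access-" + secrets.token_urlsafe(16)


def demo():
    server = ToyAuthServer()
    verifier = secrets.token_urlsafe(32)  # 43 characters, kept by the client
    challenge = s256(verifier)

    # A code presented with a verifier the requester did not generate is refused.
    code_a = server.authorize(challenge)
    wrong = server.exchange(code_a, secrets.token_urlsafe(32))
    # The same code cannot be retried, even with the right verifier.
    retry = server.exchange(code_a, verifier)
    # A fresh code plus the original verifier succeeds.
    code_b = server.authorize(challenge)
    legit = server.exchange(code_b, verifier)
    return wrong, retry, legit
```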
Refresh Token Rotation (RTR) means that every time Payments2us silently refreshes its connection to your org in the background, the old token is immediately invalidated and replaced with a new one. Previously, a single token could be reused indefinitely — meaning a stolen token was a permanent key. With rotation, a stolen token becomes useless almost immediately.
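Rotation as described above, as an added illustration in Python (not Payments2us or Salesforce code). The hypothetical `RotatingTokenStore` goes one step beyond the paragraph by also revoking the grant when a rotated-out token is presented again; that replay policy is a common companion to rotation and is assumed here, not taken from this article.

```python
import secrets


class RotatingTokenStore:
    """Hypothetical in-memory token endpoint, for illustration only."""

    def __init__(self):
        self._active = {}   # current refresh token -> grant id
        self._retired = {}  # rotated-out refresh token -> grant id

    def issue(self, grant_id):
        token = secrets.token_urlsafe(24)
        self._active[token] = grant_id
        return token

    def refresh(self, token):
        """Return (access_token, new_refresh_token), or None if refused."""
        grant = self._active.pop(token, None)
        if grant is None:
            replayed_grant = self._retired.get(token)
            if replayed_grant is not None:
                # A rotated-out token came back: someone holds a copy, so
                # revoke every live token of that grant (assumed policy).
                self._active = {t: g for t, g in self._active.items()
                                if g != replayed_grant}
            return None
        self._retired[token] = grant  # old token is invalid from now on
        return "access-" + secrets.token_urlsafe(16), self.issue(grant)


def demo():
    store = RotatingTokenStore()
    rt1 = store.issue("grant-org-A")       # constructed grant id
    first = store.refresh(rt1)             # normal background refresh
    rt2 = first[1]
    replay = store.refresh(rt1)            # old token presented again
    after_replay = store.refresh(rt2)      # grant was revoked by the replay
    rt3 = store.issue("grant-org-A")       # an admin re-authorises
    recovered = store.refresh(rt3)
    return first is not None, replay, after_replay, recovered is not None
```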
Together, these two changes represent a meaningful improvement in the security of your org's connection to Payments2us and to Salesforce as a platform. Release 11.4 will implement both in full.
G. Where can I read more about the technical requirements?
For further reading on the Salesforce mandate and how the broader ISV community is responding, the following articles may be helpful:
- Mandatory Security Updates for Connected Apps and ECAs
- Enabling PKCE for OAuth for Salesforce Apps
- Salesforce Help: Rotate Refresh Tokens
- ISV Community Blog: Mandatory Security Requirements Overview (Aquiva Labs)
H. I am on v11.0 and not on 11.1 or 11.2 — what happens to Flows when Release 11.4 is pushed?
We introduced Flows in versions 11.1 and 11.2. If you are using or aware of this feature, you may be wondering whether the Release 11.4 push will automatically activate Flows in your org, disabling workflows. The short answer is NO.
Flows were deliberately rolled out in a turned-off state and will remain that way as part of the Release 11.4 upgrade. You do not need to take any action and nothing will change in your org with respect to Flows as a result of this push.
When you are ready to explore migrating from Workflows to Flows at a time of your choosing, please refer to our guide here: https://help.payments2us.com/en_US/workflows-optional/how-to-migrate-workflow-to-flow