Recipes by Category

App Distribution (2) Bundle logic, interface and services for distribution. App Logic (37) The Apex programming language, workflow and formulas for logic. Collaboration (5) The Salesforce Chatter collaboration platform. Database (29) Data persistence, reporting and analytics. Integration (33) Web Service APIs and toolkits for integration. Security (9) Platform, application and data security. Tools (4) tooling User Interface (36) Visualforce MVC and metadata-drive user interfaces. Web Sites (12) Public web sites and apps with optional user registration and login.
Beta Feedback
Cookbook Home » Validating an Id

Validating an Id

Post by Shoby Abdi  (2012-01-23)

Status: Unverified
Level: intermediate


Many developers try to validate an Id by trying to convert a string to type Id and catching an exception. There is a more elegant way of doing it.


This method validates an Id's length(15 or 18) and validates the possible characters that should exist within an Id using regular expressions. The first step escapes any possible single quotes to do two things: validate that the given string is a valid Id and that it is not an unauthorized parameter from the URL.

static public String validateId(String Idparam) {
        String id = String.escapeSingleQuotes(Idparam);
    	if((id.length() == 15 || id.length() == 18) && Pattern.matches('^[a-zA-Z0-9]*$', id)) {
    		return id;
    	return null;


Recipe Activity - Please Log in to write a comment

I'm a novice SalesForce/Apex developer, but this doesn't seem DRY. Converting a string to an Id and catching an exception allows you to use the functionality already integrated into the library, why re-implement it?

by a093000000YjwiS  (2015-06-29)

Hi Thanks for the above code. But here is an another alternative to this it might be quite interesting try this

static public Boolean isValidId(String strId) {
    Boolean isValid = (strId InstanceOf ID) ? true : false ;
    return isValid ;

by deepak sheoran  (2014-06-10)

I am a newbie to salesforce so can you guys please explain the scenario where do i need to validate Id field?

by Pramod Kumar  (2012-10-12)

Interesting ideas. Hard Id validation seems a but unruly with a try catch. And the reason for using escapeSingleQuotes with the Id is to see if something has changed. If it has changed, it was a bad id to begin with. 

by a093000000VF09g  (2012-10-09)

An alternative to this is to do:

ID someId;
String someString;
Boolean isValidId = true;
try {someId = (ID) someString;}
catch (Exception e) {isValidId = false;}

this way you let SFDC tell you when it is a bad ID in a string field.

by Eric Kintzer  (2012-09-25)

Last thing before returning id would be to make sure that id.equals(Idparam) in order to verify that String.escapeSingleQuotes(Idparam)did not change anything.

by Michael Rask Christensen  (2012-04-12)


Vote to Verify a Recipe

Verifying a recipe is a way to give feedback to others and broaden your own understanding of the capabilities on When you verify a recipe, please make sure the code runs, and the functionality solves the articulated problem as expected.

Please make sure:
  • All the necessary pieces are mentioned
  • You have tested the recipe in practice
  • Have sent any suggestions for improvements to the author

Please Log in to verify a recipe

You have voted to verify this recipe.