navigation-and-routing
Use when implementing or reviewing Lightning Web Component navigation with `NavigationMixin`, PageReference objects, URL state, and `CurrentPageReference` across Lightning Experience, mobile, and Experience Cloud. Triggers: 'navigate to record page from LWC', 'PageReference state not working', 'should I use window.location', 'Experience Cloud navigation issue'. NOT for component-to-component messaging or data-loading strategy when navigation is only a side effect.
Best use case
navigation-and-routing is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when implementing or reviewing Lightning Web Component navigation with `NavigationMixin`, PageReference objects, URL state, and `CurrentPageReference` across Lightning Experience, mobile, and Experience Cloud. Triggers: 'navigate to record page from LWC', 'PageReference state not working', 'should I use window.location', 'Experience Cloud navigation issue'. NOT for component-to-component messaging or data-loading strategy when navigation is only a side effect.
Teams using navigation-and-routing should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/navigation-and-routing/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How navigation-and-routing Compares
| Feature / Agent | navigation-and-routing | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when implementing or reviewing Lightning Web Component navigation with `NavigationMixin`, PageReference objects, URL state, and `CurrentPageReference` across Lightning Experience, mobile, and Experience Cloud. Triggers: 'navigate to record page from LWC', 'PageReference state not working', 'should I use window.location', 'Experience Cloud navigation issue'. NOT for component-to-component messaging or data-loading strategy when navigation is only a side effect.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
Use this skill when page changes are part of the component contract and those page changes need to survive container differences. Navigation in LWC is reliable only when it is expressed as a PageReference contract instead of as hardcoded Salesforce URLs. --- ## Before Starting Gather this context before working on anything in this domain: - Is the component navigating to a Salesforce resource, an Experience Cloud page, or an external URL? - Does the user need a real deep link that can be bookmarked or shared, or is the navigation purely in-session? - Which containers must support the behavior, and does the chosen page-reference type exist in all of them? --- ## Core Concepts PageReference is the platform contract for navigation. It separates intent from concrete URL shape so Salesforce can translate the same request for Lightning Experience, mobile, and supported site containers. The moment a component falls back to `/lightning/...` or `/s/...` string building, it starts owning routing details the framework already knows better. ### Use `NavigationMixin` Instead Of Hardcoded URLs `NavigationMixin.Navigate` is for moving the user. `NavigationMixin.GenerateUrl` is for building stable href values when the component needs a clickable anchor, copyable link, or preview. Both work from a PageReference object rather than a guessed URL. ### Page Type And Attributes Matter `standard__recordPage`, `standard__objectPage`, `standard__webPage`, `standard__component`, and Experience Cloud page types all have different required attributes and support boundaries. Many bugs are not "navigation is broken"; they are "the wrong page-reference type was chosen for the container." ### URL State Is Part Of The Contract When a component needs deep-linkable filters or modes, the state belongs in the PageReference. Custom state keys must be namespaced, such as `c__view` or `c__filter`. If the component reads URL state, it should do so through `CurrentPageReference` instead of parsing browser globals directly. ### Experience Cloud Requires Container Awareness Some PageReference types differ by site technology and supported target. A navigation pattern that works in Lightning Experience can still fail in an Aura or LWR site if the destination type is not supported there. Site-safe navigation must be chosen deliberately rather than inherited from internal-app assumptions. --- ## Common Patterns ### Record-Oriented Navigation **When to use:** After save, select, or row action, the component needs to open a record or object list page. **How it works:** Build a record or object PageReference with explicit `recordId`, `objectApiName`, and `actionName`, then call `Navigate`. **Why not the alternative:** Hardcoded Lightning URLs couple the component to one runtime and are easy to break. ### Generated Links For Stable Hrefs **When to use:** The component needs an anchor tag, copy link action, or a preview URL before navigation happens. **How it works:** Call `GenerateUrl` from the same PageReference the component would use for navigation and bind the result into the UI. **Why not the alternative:** Duplicating one shape for `href` and another for `Navigate` usually causes drift. ### Deep-Linkable State With `CurrentPageReference` **When to use:** The component needs URL-driven filters, tabs, or modes that should survive refresh and sharing. **How it works:** Write state through the PageReference, read it through `CurrentPageReference`, and keep custom keys namespaced. **Why not the alternative:** Parsing raw URL strings makes the component brittle and less portable across containers. --- ## Decision Guidance | Situation | Recommended Approach | Reason | |---|---|---| | Open an existing record, related list entry point, or object home | `NavigationMixin` with `standard__recordPage` or `standard__objectPage` | Uses the supported Salesforce contract for internal destinations | | Need a clickable internal link in markup | `GenerateUrl` from a PageReference | Keeps the href aligned with the real navigation contract | | Need deep-linkable component state | PageReference `state` plus `CurrentPageReference` | URL state stays explicit and sharable | | Need to open an external site | `standard__webPage` | External URLs should still flow through a clear page-reference type | | Current implementation concatenates `/lightning/` or `/s/` paths | Refactor to PageReference | Hardcoded routes do not scale across containers | --- ## Recommended Workflow Step-by-step instructions for an AI agent or practitioner activating this skill: 1. Gather context — confirm the org edition, relevant objects, and current configuration state 2. Review official sources — check the references in this skill's well-architected.md before making changes 3. Implement or advise — apply the patterns from Core Concepts and Common Patterns sections above 4. Validate — run the skill's checker script and verify against the Review Checklist below 5. Document — record any deviations from standard patterns and update the template if needed --- ## Review Checklist Run through these before marking work in this area complete: - [ ] Navigation uses a PageReference instead of a hardcoded internal URL. - [ ] The chosen page type is valid for the target container and user experience. - [ ] Required attributes such as `recordId` or `actionName` are explicit. - [ ] Custom URL state keys are namespaced. - [ ] `CurrentPageReference` is used for reading URL state instead of manual parsing. - [ ] `GenerateUrl` is used when the UI needs a durable href rather than immediate navigation. --- ## Salesforce-Specific Gotchas Non-obvious platform behaviors that cause real production problems: 1. **Hardcoded internal URLs are container assumptions** - they often work until the component is reused in mobile or Experience Cloud. 2. **Custom state keys need a namespace prefix** - unnamespaced keys do not form a stable custom URL-state contract. 3. **PageReference support varies by destination and container** - choosing the right page type matters as much as using NavigationMixin at all. 4. **Navigation and generated URLs should come from the same contract** - separate implementations drift quickly and confuse users. --- ## Output Artifacts | Artifact | Description | |---|---| | Navigation design | Recommendation for page type, attributes, and state handling | | Routing review | Findings on hardcoded URLs, missing attributes, and unsupported container assumptions | | Refactor snippet | Concrete `Navigate`, `GenerateUrl`, and `CurrentPageReference` examples | --- ## Related Skills - `lwc/component-communication` - use when an event or LMS message is the real issue and navigation is only downstream behavior. - `lwc/lifecycle-hooks` - use when navigation setup or cleanup is happening at the wrong lifecycle boundary. - `lwc/lwc-offline-and-mobile` - use when mobile container behavior changes the expectations for navigation and user flow.
Related Skills
lwc-navigation-mixin
NavigationMixin for LWC: PageReference types (recordPage, recordRelationship, namedPage, webPage, comm__namedPage), navigate vs generateUrl, state params, Experience Cloud variants. NOT for routing inside custom SPA (use lwc-state-management). NOT for cross-app deep-linking (use deep-linking-patterns).
lightning-navigation-dead-link-handling
Use when an LWC navigates via NavigationMixin to records or pages that may no longer exist, lack the user's access, or be permanently moved. Triggers: 'lightning navigation 404', 'navigate to deleted record', 'NavigationMixin error toast', 'graceful fallback when target page missing', 'permission denied on navigation'. NOT for general routing within an SPA or for Experience Cloud public-facing routing.
omni-channel-custom-routing
Use this skill to implement Apex-driven custom routing logic for Omni-Channel work items using PendingServiceRouting and SkillRequirement objects. Trigger keywords: PendingServiceRouting, SkillRequirement, IsReadyForRouting, skills-based routing, custom routing Apex. NOT for declarative Omni-Channel queue-based routing setup, routing configurations in Setup UI, or Einstein Classification routing rules.
omni-channel-routing-setup
Configuring Salesforce Omni-Channel routing from scratch or updating existing routing: enabling Omni-Channel, creating Service Channels, configuring Routing Configurations (queue-based and skills-based), setting up Presence Statuses and Presence Configurations, assigning skills to Service Resources, and defining Skills-Based Routing Rules. Trigger keywords: Omni-Channel setup, routing configuration, queue-based routing, skills-based routing, presence status, service channel, routing rules. NOT for capacity model design (use omni-channel-capacity-model). NOT for OmniStudio FlexCards or DataRaptors. NOT for Omni-Channel Supervisor dashboard analysis.
xss-and-injection-prevention
Use when writing or reviewing Visualforce pages, Apex controllers, or LWC components that output user-supplied data, build dynamic queries, or construct HTTP responses. Triggers: 'XSS in Visualforce', 'SOQL injection vulnerability', 'how to encode output in Apex', 'JSENCODE Visualforce', 'open redirect prevention'. NOT for Apex CRUD/FLS enforcement (use soql-security or apex-crud-and-fls), NOT for Shield encryption (use shield-encryption-key-management), NOT for AppExchange security review process (use secure-coding-review-checklist).
visualforce-security-and-modernization
Use when hardening or modernizing legacy Visualforce pages — covers the platform CSRF token model and when disabling it is a security regression, view state encryption guarantees and the 170 KB ceiling, FLS/CRUD enforcement gaps on `<apex:outputField>` and on getters that return sObjects, `<apex:includeScript>` interaction with the org Content Security Policy, hosting LWC inside a VF page via `lightning:container` / `lightning-out`, and the retire-vs-harden-vs-leave-alone decision for an inventory of legacy pages. Triggers: 'should I rewrite this Visualforce page in LWC', 'CSRF protection disabled on Visualforce page is that safe', 'community user sees a field they should not on a Visualforce page', 'view state encryption is that enough for sensitive data', 'how do I host an LWC inside a Visualforce page', 'apex:dynamicComponent and apex:actionFunction safe to keep'. NOT for greenfield Visualforce architecture (use apex/visualforce-fundamentals — controller types, view state pattern selection, PDF rendering); NOT for Visualforce email template authoring (use apex/visualforce-email-templates if/when that skill is authored); NOT for general Apex security review across triggers and async (use apex/soql-security and security/secure-coding-review-checklist).
transaction-security-policies
Transaction Security policy creation and configuration: condition builder, enhanced policies, enforcement actions (block, MFA, notification, end session), real-time monitoring mode, and policy troubleshooting. NOT for Event Monitoring log analysis or Shield Event Monitoring setup (use event-monitoring). NOT for Apex testing or debug-log analysis.
sso-saml-troubleshooting
Diagnosing broken SAML SSO into Salesforce — IdP-initiated vs SP-initiated flows, signing-certificate validity / expiry, NameID format mismatches, RelayState handling, audience / entityId / issuer mismatches, clock skew, the SAML Assertion Validator in Setup, the Login History debug log, and the My Domain prerequisite for SSO. Covers the standard diagnostic loop: read the SAML response, identify which check failed, fix at the IdP or SP. NOT for OAuth / OpenID Connect SSO (see security/oauth-openid-troubleshooting), NOT for setting up SSO from scratch (see security/sso-saml-setup).
shield-kms-byok-setup
Configure Shield Platform Encryption with customer-supplied (BYOK) or customer-held (Cache-Only Key Service) tenant secrets, rotate them, and recover. NOT for Classic Encryption or field masking.
shield-event-log-retention-strategy
Use when designing Salesforce Shield Event Monitoring retention, SIEM routing, and storage-tier strategy — which event types to keep, for how long, where, and how to answer audit queries across hot/warm/cold tiers. Triggers: 'shield event log retention', 'route event monitoring to splunk', 'how long to keep login history', 'siem salesforce integration', 'event monitoring storage tier'. NOT for enabling Shield (see salesforce-shield-deployment).
session-management-and-timeout
Use this skill when configuring session timeout values, concurrent session limits, session IP locking, or logout behavior in Salesforce. Covers org-wide session settings, profile-level overrides, Connected App session policies, and Metadata API SecuritySettings deployment. NOT for OAuth token refresh flows, login IP ranges, or MFA/identity-provider configuration.
session-high-assurance-policies
Enforce step-up authentication for sensitive pages/objects using High Assurance session level and login flow policies. NOT for initial MFA enrollment UX.