ISVforce Guide

Welcome to the ISVforce Guide
ISVforce Quick Start
Grow Your AppExchange Business
Design and Build Your Solution
Overview of Packages
Components Available in Managed Packages
About API and Dynamic Apex Access in Packages
Architectural Considerations for Group and Professional Editions
Connected Apps
Create a Connected App
Test Push Notifications
Edit a Connected App
Manage Access to a Connected App
Manage Third-Party Connected Apps
Install a Connected App
Uninstall a Third-Party Connected App
Manage Start URL Settings for a Connected App
Manage OAuth Access Policies for a Connected App
Connected App IP Relaxation and Continuous IP Enforcement
Manage Session Policies for a Connected App
Manage Mobile Policies for a Connected App
Manage Access Through a Custom Connected App Handler
Manage Other Access Settings for a Connected App
User Provisioning for Connected Apps
Manage Current OAuth Connected App Sessions
Manage OAuth-Enabled Connected Apps Access to Your Data
Environment Hub
Developer Hub
Notifications for Package Errors
Package and Test Your Solution
Pass the AppExchange Security Review
Publish Your Solution on AppExchange
Sell on AppExchange with Checkout
Monitor Performance with Analytics for AppExchange Partners
Manage Orders
Manage Licenses
Manage Features
Provide a Free Trial of Your Solution
Support Your AppExchange Customers
Update Your Solution
Appendices
Glossary
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Manage Other Access Settings for a Connected App

The Connected App Detail page provides an overview of access settings assigned to the connected app, including OAuth policies and session policies. From this page, you can click Edit Policies to manage access to the connected app. You can also manage profiles, permission sets, custom attributes, and custom scopes associated with the connected app.
Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
Connected Apps can be created in: Group, Professional, Enterprise, Performance, Unlimited, and Developer Editions

Connected Apps can be installed in: All Editions

User Permissions Needed
To read, create, update, or delete connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps
To update all fields except Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND either

Modify All Data OR Manage Connected Apps
To update Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND Modify All Data AND Manage Profiles and Permission Sets
To install and uninstall connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps
To install and uninstall packaged connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps

AND Download AppExchange Packages
  1. From Setup, enter Connected Apps in the Quick Find box, then select Manage Connected Apps.
  2. Click a connected app to view on the Connected App Detail page.
  3. For connected apps that use SAML and if your org is an Identity Provider, click Download Metadata. The downloaded metadata includes the service provider SAML login URLs and endpoints that are specific to your community or custom domain configuration.
    This button displays only if your org is enabled as an Identity Provider, and only with connected apps that use SAML. You can access this metadata via a URL in Metadata Discovery Endpoint. Your service provider uses this URL to configure single sign-on to connect to Salesforce.
  4. In the OAuth Policies section, click View OAuth Usage to see which OAuth connected apps users are actively connecting to. These apps have an active access or refresh token.
  5. If user provisioning is enabled, you can click Launch User Provisioning Wizard to configure user provisioning for the connected app. See User Provisioning for Connected Apps.
  6. Click Manage Profiles to select profiles to assign to the app from the Application Profile Assignment page. Assign profiles that you want to be able access the app (except in Group Edition).

    This option won’t appear if the OAuth policy for Permitted Users is set to All users may self-authorize because this option isn’t needed when users can authorize themselves.

    Tip

  7. Click Manage Permission Sets to select the permission sets to assign to the app from the Application Permission Set Assignment page. Assign permission sets that you want to be able to access to app.

    This option won’t appear if the OAuth policy for Permitted Users is set to All users may self-authorize because this option isn’t needed when users can authorize themselves.

    Tip

  8. To assign custom attributes to the connected app, click New.
    Each custom attribute must have a unique key and must use fields available from the Insert Field menu. For example, assign a key name, such as country and insert the field $Organization.Country. When using SAML, attributes are sent as SAML attribute statements. When using OAuth, attributes are available as a custom_attributes object in the user’s Identity URL.
  9. For OAuth-enabled connected apps, click Manage OAuth Custom Scopes to assign custom scopes to the connected app. See OAuth Custom Scopes.