Newer Version Available

This content describes an older version of this product. View Latest

Manage Third-Party Connected Apps

If your org uses third-party apps, such as those installed from the AppExchange, you can set security policies to control what data the third-party app can access from your org. You can also define who can use the third-party app. In addition to setting security policies to manage third-party apps, you can uninstall, and—when necessary—block these apps from the Salesforce org.
Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
Connected Apps can be created in: Group, Professional, Enterprise, Performance, Unlimited, and Developer Editions

Connected Apps can be installed in: All Editions


User Permissions Needed
To read, create, update, or delete connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps

To update all fields except Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND either

Modify All Data OR Manage Connected Apps

To update Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND Modify All Data AND Manage Profiles and Permission Sets
To install and uninstall connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps

To install and uninstall packaged connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps

AND Download AppExchange Packages

As a third-party connected app consumer, you’re org installed the app from the AppExchange Marketplace or as a managed package from Salesforce or a third-party vendor’s website. You can only edit the app’s access policies, such as determining who can use the app and whether the app can access data from a remote location.

Example

For example, you install a third-party app that allows your org’s users to make travel reservations. By selecting the option Admin approved users are pre-authorized for the connected app, you can assign specific user profiles to the app. Only the users with this user profile can access the app. You can also set a refresh token policy to revoke the travel reservation app’s access to your Salesforce data after a set amount of time.

Connected Apps Installed by Salesforce

Some Salesforce client apps, such as the Salesforce app and Salesforce for Outlook, are implemented as connected apps. Salesforce automatically installs them in your org.

Salesforce distributes these client-type connected apps in two managed packages:
  • Salesforce for Android and Salesforce for iOS
  • Salesforce for other mobile apps
The connected apps included in the package change with each release. Salesforce installs the package the first time a user accesses one of the apps.

Salesforce packages appear in Setup under the Installed Packages List. See Installed Packages.

The packages in the Installed Packages List

Click a package name to see the list of components. The following are some components in the Salesforce Connected Apps package.

The components of the Salesforce Connected Apps

The Ant Migration Tool is a “wrapper” connected app that uses SOAP API to integrate with Salesforce. It still uses the connected apps framework to allow or deny users access to the apps in an org.

Note

The following are examples of components for the Salesforce app and Chatter app packages.

The components of the Salesforce1 and Chatter Apps

To install or reinstall the Salesforce app package for connected apps, you can install it from App Exchange.

You can manage installed connected apps from the Connected Apps page. The connected apps that Salesforce installs appear in the list as installed by a managed package. They appear along with your other installed connected apps.

Example of the list of connected apps