ISVforce Guide

Welcome to the ISVforce Guide
ISVforce Quick Start
Grow Your AppExchange Business
Design and Build Your Solution
Overview of Packages
Components Available in Managed Packages
About API and Dynamic Apex Access in Packages
Architectural Considerations for Group and Professional Editions
Connected Apps
Create a Connected App
Test Push Notifications
Edit a Connected App
Manage Access to a Connected App
Manage Third-Party Connected Apps
Install a Connected App
Uninstall a Third-Party Connected App
Manage Start URL Settings for a Connected App
Manage OAuth Access Policies for a Connected App
Connected App IP Relaxation and Continuous IP Enforcement
Manage Session Policies for a Connected App
Manage Mobile Policies for a Connected App
Manage Access Through a Custom Connected App Handler
Manage Other Access Settings for a Connected App
User Provisioning for Connected Apps
Manage Current OAuth Connected App Sessions
Manage OAuth-Enabled Connected Apps Access to Your Data
Environment Hub
Developer Hub
Notifications for Package Errors
Package and Test Your Solution
Pass the AppExchange Security Review
Publish Your Solution on AppExchange
Sell on AppExchange with Checkout
Monitor Performance with Analytics for AppExchange Partners
Manage Orders
Manage Licenses
Manage Features
Provide a Free Trial of Your Solution
Support Your AppExchange Customers
Update Your Solution
Appendices
Glossary
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Manage Third-Party Connected Apps

If your org uses third-party apps, such as those installed from the AppExchange, you can set security policies to control what data the third-party app can access from your org. You can also define who can use the third-party app. In addition to setting security policies to manage third-party apps, you can uninstall, and—when necessary—block these apps from the Salesforce org.
Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
Connected Apps can be created in: Group, Professional, Enterprise, Performance, Unlimited, and Developer Editions

Connected Apps can be installed in: All Editions

User Permissions Needed
To read, create, update, or delete connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps
To update all fields except Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND either

Modify All Data OR Manage Connected Apps
To update Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND Modify All Data AND Manage Profiles and Permission Sets
To install and uninstall connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps
To install and uninstall packaged connected apps: Customize Application AND either

Modify All Data OR Manage Connected Apps

AND Download AppExchange Packages

As a third-party connected app consumer, you’re org installed the app from the AppExchange Marketplace or as a managed package from Salesforce or a third-party vendor’s website. You can only edit the app’s access policies, such as determining who can use the app and whether the app can access data from a remote location.

Example

For example, you install a third-party app that allows your org’s users to make travel reservations. By selecting the option Admin approved users are pre-authorized for the connected app, you can assign specific user profiles to the app. Only the users with this user profile can access the app. You can also set a refresh token policy to revoke the travel reservation app’s access to your Salesforce data after a set amount of time.

Connected Apps Installed by Salesforce

Some Salesforce client apps, such as the Salesforce app and Salesforce for Outlook, are implemented as connected apps. Salesforce automatically installs them in your org.

Salesforce distributes these client-type connected apps in two managed packages:
  • Salesforce for Android and Salesforce for iOS
  • Salesforce for other mobile apps
The connected apps included in the package change with each release. Salesforce installs the package the first time a user accesses one of the apps.

Salesforce packages appear in Setup under the Installed Packages List. See Installed Packages.

The packages in the Installed Packages List

Click a package name to see the list of components. The following are some components in the Salesforce Connected Apps package.

The components of the Salesforce Connected Apps

The Ant Migration Tool is a “wrapper” connected app that uses SOAP API to integrate with Salesforce. It still uses the connected apps framework to allow or deny users access to the apps in an org.

Note

The following are examples of components for the Salesforce app and Chatter app packages.

The components of the Salesforce1 and Chatter Apps

To install or reinstall the Salesforce app package for connected apps, you can install it from App Exchange.

You can manage installed connected apps from the Connected Apps page. The connected apps that Salesforce installs appear in the list as installed by a managed package. They appear along with your other installed connected apps.

Example of the list of connected apps