Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Manage Access Through a Custom Connected App Handler

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Manage Access Through a Custom Connected App Handler

            Write a custom connected app handler in Apex to customize how the connected app is invoked. The custom handler can support new protocols or respond to user attributes in a way that benefits a business process.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience

            Connected Apps can be created in: Group, Essentials, Professional, Enterprise, Performance, Unlimited, and Developer Editions

            Connected Apps can be installed in: All editions
            User Permissions Needed
            To read, create, update, or delete connected apps:

            Customize Application AND either

            Modify All Data OR Manage Connected Apps
            To update all fields except Profiles, Permission Sets, and Service Provider SAML Attributes:

            Customize Application AND either

            Modify All Data OR Manage Connected Apps
            To update Profiles, Permission Sets, and Service Provider SAML Attributes: Customize Application AND Modify All Data AND Manage Profiles and Permission Sets
            To rotate the consumer key and consumer secret: Allow consumer key and secret rotation
            To install and uninstall connected apps:

            Customize Application AND either

            Modify All Data OR Manage Connected Apps
            To install and uninstall packaged connected apps:

            Download AppExchange Packages AND Customize Application AND either

            Modify All Data OR Manage Connected Apps
            Note
            Note Connected apps creation is restricted as of Spring ‘26. You can continue to use existing connected apps during and after Spring ‘26. However, we recommend using external client apps instead. If you must continue creating connected apps, contact Salesforce Support.

            See New connected apps can no longer be created in Spring ‘26 for more details.

            1. From Setup, in the Quick Find box, enter Connected Apps, then select Manage Connected Apps.
            2. Click Edit next to the connected app that you're configuring access for.
            3. Under Custom Connected App Handler, enter the name of the Apex Plugin class you created to customize the behavior of the connected app.
            4. For Run As, select a user account to be the execution user. The plug-in runs as the execution user on behalf of the current user of the connected app. Depending on the methods used in your ConnectedAppPlugin Apex class, you can sometimes leave this field blank.
              1. If your Apex class uses the authorize, modifySAMLResponse, or refresh methods, specify an execution user in the Run As field.
              2. If your class uses only the customAttributes method and doesn't use any other ConnectedAppPlugin methods, you can optionally leave the Run As field blank. The plug-in then runs as an Automated Process User, which is a system user that executes tasks behind the scenes.
              For more information, see the ConnectedAppPlugin class in the Apex Reference Guide.
            5. Save your settings.
             
            Loading
            Salesforce Help | Article