Connected Apps

Note Connected apps creation is restricted as of Spring ‘26. You can continue to use existing connected apps during and after Spring ‘26. However, we recommend using external client apps instead. If you must continue creating connected apps, contact Salesforce Support.

See New connected apps can no longer be created in Spring ‘26 for more details.

By capturing metadata about an third-party application, a connected app tells Salesforce which authentication protocol—SAML, OAuth, and OpenID Connect—the third-party application uses and where the third-party application runs. Salesforce can then grant the third-party application access to its data and attach policies that define access restrictions, such as when the app’s access expires. Salesforce can also audit connected app usage.

Connected apps are available in your Salesforce orgs and Experience Cloud sites. By default, your org and your Experience Cloud users can access connected apps. But you can restrict user access to a connected app with permissions and policies. For more information, see Manage Access to a Connected App.

• Connected App Use Cases
  There are four main use cases for which your org can implement connected apps. You can use a connected app to integrate external applications with the Salesforce API, such as a web-based app that pulls in order status data from your Salesforce org. You can also use connected apps to integrate service providers with your Salesforce org, and to set security policies to control what data a third-party app can access from your org. And you can configure a connected app to provide authorization for external API gateways, such as API gateways hosted on MuleSoft’s Anypoint Platform.
• Create a Connected App
  When you create a connected app, make sure that you understand how it’s going to be used so you can configure the appropriate settings. For example, if you’re creating a connected app to integrate an external application with your Salesforce API, configure the connected app with OAuth authorization settings. Or if you’re creating a connected app to act as a service provider in a SAML single sign-on (SSO) flow, configure SAML settings.
• Edit a Connected App
  After you create a connected app, you can make changes to it’s configuration. The actions that you can perform depend on the type of connected app. Use the App Manager to get a list of apps available in your org, including connected apps. From here, you can edit, reconfigure, or delete the connected app.
• Manage Access to a Connected App
  After a connected app is installed in your org, you can manage access to it. Configure permissions and policies for the app, explicitly defining who can use the connected app and where they can access the app from. These permissions and policies, which include user-access, IP range restrictions, and multi-factor authentication (MFA), provide extra security for your org.
• Send Notifications to a Connected App
  Keep users of your custom app up to date with timely information and reminders. With the connected app framework, you can use the Notification Builder Platform or Apex Push to send custom notifications.
• OAuth Authorization Flows
  OAuth authorization flows grant a client application restricted access to protected resources on a resource server. Each OAuth flow offers a different process for approving access to a client app, but in general the flows consist of three main steps. To initiate an authorization flow, a client app requests access to a protected resource. In response, an authorizing server grants access tokens to the client app. A resource server then validates these access tokens and approves access to the protected resource.