          External Client App Settings: Metadata Secrets Protection Control
          Control Name

          External Client App Settings: Metadata Secrets Protection

          Recommended Configuration

          Allow access to External Client App consumer secrets via Metadata API - Off.

          Control Overview

          This security setting prevents the sensitive plaintext consumer secrets used for OAuth authentication from being retrieved or exported through the Salesforce Metadata API.

          Security Risk If Not Configured

          When this access is enabled, any user or automated process with metadata read permissions can extract the consumer secrets into local files, version control systems, or developer environments, creating a significant exposure to credential theft.

          Threat Scenarios

          A developer inadvertently commits an exported metadata file containing a plaintext consumer secret to a public code repository, allowing an external attacker to hijack the identity of the integrated application.
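          The scenario above is easiest to stop at the point where metadata leaves the org. The following is an added example, not Salesforce's own code, of a pre-commit style scan that a developer or CI pipeline can run over a retrieved metadata directory before it is committed. It assumes that an exported secret appears as a consumerSecret element in a metadata XML file under the standard Metadata API namespace; the element name, file layout and the sample files are assumptions constructed for the example, not taken from this page.

```python
"""Scan a retrieved Salesforce metadata tree for plaintext consumer secrets.

Added example, not Salesforce code. Assumes an exported secret shows up as a
<consumerSecret> element (assumed element name) inside an XML metadata file.
"""
import re
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Element local names treated as secret-bearing. Assumed, not from the page.
SECRET_ELEMENTS = {"consumerSecret"}

# Values that are deployment placeholders rather than real secrets, e.g.
# ${CONSUMER_SECRET} injected by CI, <<SECRET>>, REPLACE_ME, or a masked ****.
PLACEHOLDER_RE = re.compile(r"^\s*(\$\{[^}]+\}|<<[^>]+>>|REPLACE_ME|\*+)\s*$")


def find_secret_elements(xml_text: str):
    """Return (element name, value) pairs for secret elements holding a real value."""
    findings = []
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return findings  # not XML; nothing to inspect here
    for elem in root.iter():
        local = elem.tag.rsplit("}", 1)[-1]  # strip the Metadata API namespace
        if local in SECRET_ELEMENTS:
            value = (elem.text or "").strip()
            if value and not PLACEHOLDER_RE.match(value):
                findings.append((local, value))
    return findings


def scan_directory(root: Path):
    """Map each leaking file (relative path) to the secret element names it contains."""
    results = {}
    for path in sorted(root.rglob("*.xml")):
        hits = find_secret_elements(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            results[str(path.relative_to(root))] = [name for name, _ in hits]
    return results


# Constructed sample metadata files. The structure and the secret value are
# illustrative placeholders, not real Salesforce output.
SAMPLE_LEAK = """<ExternalClientApp xmlns="http://soap.sforce.com/2006/04/metadata">
    <label>Billing Integration</label>
    <oauthSettings>
        <consumerKey>EXAMPLE_CONSUMER_KEY</consumerKey>
        <consumerSecret>EXAMPLE_PLAINTEXT_SECRET_0123456789</consumerSecret>
    </oauthSettings>
</ExternalClientApp>
"""

SAMPLE_CLEAN = """<ExternalClientApp xmlns="http://soap.sforce.com/2006/04/metadata">
    <label>Billing Integration</label>
    <oauthSettings>
        <consumerKey>EXAMPLE_CONSUMER_KEY</consumerKey>
        <consumerSecret>${CONSUMER_SECRET}</consumerSecret>
    </oauthSettings>
</ExternalClientApp>
"""


def demo():
    """Write both samples into a temporary tree and return what the scan flags."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "externalClientApps"
        base.mkdir()
        (base / "Billing_Leak.eca-meta.xml").write_text(SAMPLE_LEAK, encoding="utf-8")
        (base / "Billing_Clean.eca-meta.xml").write_text(SAMPLE_CLEAN, encoding="utf-8")
        return scan_directory(Path(tmp))


if __name__ == "__main__":
    flagged = demo()
    for rel_path, elements in flagged.items():
        print(f"BLOCK COMMIT: {rel_path} contains plaintext {', '.join(elements)}")
    raise SystemExit(1 if flagged else 0)
```

          Run it against the directory a retrieve produced and gate the commit or pipeline stage on the exit status; a non-zero exit means a real value, not a placeholder, was found. The placeholder allow-list is deliberately narrow so that a secret pasted in by hand is never mistaken for an injection token.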

          Estimated CVSS Score Range

          High (7.0–8.9).

          Risk Impact Considerations

          The exposure of a consumer secret allows an unauthorized party to impersonate a trusted application, potentially gaining full access to the data and administrative functions of the linked Salesforce org.

          Higher Risk When

          Your company frequently uses third-party continuous integration and deployment tools that automatically pull metadata into external, less secure environments.

          Low Risk When

          You have restricted the Modify All Data and View Setup permissions to a very small group of highly trusted Salesforce admins and use encrypted environment variables for all external integrations.

          Business and Integration Considerations

          Disabling this access means that developers cannot use standard metadata deployment tools to move secrets between environments, requiring manual entry or specialized secure credential injection during the deployment process.

          Recommended Remediation

          Go to the External Client Apps settings in Setup and make sure the toggle for allowing access to consumer secrets via the Metadata API is set to off.

          Security Health Review Guidance

          Security Health Review identifies the masking of consumer secrets as a mandatory standard for secret management, so that sensitive authentication credentials never leave the encrypted boundaries of the Salesforce platform.

          Salesforce Help | Article