Print this page

What is Connected Apps and how can it provide better external and mobile app security

Knowledge Article Number 000175921
Connected Apps allows external applications to connect to salesforce over Identity and other DATA APIs. It utilizes the standard Oauth 2.0 protocol, can provide Single Sign-On and acquire access tokens for use by the various salesforce supported APIs. Connected Apps is designed to replace the current REMOTE APPS (see ). Remote Apps supports the standard OAuth capabilities.
Connected Apps also offers additional levels of control:
- allows admins to provide explicit controls over which users can use the external application
- various security policies by the application (OAuth scopes)
Connected Apps begin with a developer defining OAuth metadata about the application, including:
- Basic descriptive and contact information for the Connected App
- The OAuth scopes and callback URL for the Connected App
- Optional IP ranges where the Connected App might be running
- Optional information about mobile policies the Connected App can enforce
OAuth Scopes are:
- Access & manage your Chatter Feed
- Access & manage your data
- Access your basic information
- Full Access
- Perform requests on your behalf at any time
- Provide access to custom applications
- Provide access to your data via the web
Salesforce currently supports OAuth versions 1.0.A and 2.0. and is compatible with Draft v2–25 of the OAuth 2.0 protocol from the IETF working group. For more on the standard documentation of the OAuth standard see the following:
Mobile specific:

promote demote