Default Salesforce CLI OAuth 2.0 Device Flow Removal

게시 일자: Aug 29, 2025

상세 설명

Salesforce have removed support in the default Salesforce CLI Connected App for the OAuth 2.0 Device Flow for authentication. There will be no exceptions or extensions to this removal. This change is part of Salesforce's commitment to making our products and services secure-by-default.

Starting on 8/28/2025, new and existing authorizations to any org using the OAuth 2.0 Device Flow that also use the default Salesforce CLI connected app will be blocked.

Announcement
https://github.com/forcedotcom/cli/issues/3368

Who does this change impact?
For example, if you use the org login device CLI command with the default Salesforce CLI connected app, then starting on 8/28/2025 the authorization will be blocked.

솔루션

Resolution:

We recommend that instead of the OAuth 2.0 Device Flow, you use a different OAuth 2.0 flow, such as:

Web Server Flow: Authorize an org using a browser. CLI command: org login web.
JWT bearer flow: Authorize an org in a headless environment, such as CI. CLI command: org login jwt.

NOTE: You can't work around this issue by installing the default Salesforce CLI connected app and enabling device flow, because the Enable for Device Flow option in the API (Enable OAuth Settings) section has been disabled. You must now be the org admin to install the Salesforce CLI connected app.

Knowledge 기사 번호

005135030

이 기사를 통해 문제를 해결했습니까?

개선을 위한 의견을 보내주세요.

Default Salesforce CLI OAuth 2.0 Device Flow Removal

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List