Pre-Authorize User App Access Through External Client App Policies
Configure who can use your app by defining which users are pre-authorized. Users who are
pre-authorized can bypass the Allow or Deny permission pop-up when accessing the app.
Required Editions
Setup for Mobile Publisher available in: Lightning Experience
Setup for Mobile Publisher available in: production only (not
sandbox)
Available in Lightning Experience in: Enterprise,
Performance, and Unlimited Editions
User Permissions Needed
To create and modify a Mobile Publisher project:
Manage mySalesforce Apps
Important Almost all Mobile Publisher apps were moved to the External Client App
framework in the Summer '25 release. If your app is one of a few still using Connected Apps,
refer to the help documentation for any
customizations you need to make.
Admin approved users who are pre-authorized allows only users with the associated profile
or permission set to access the app without first authorizing it. After selecting this
option, manage profiles for the app by editing each profile’s External Client App Access
list. Or manage permission sets for the app by editing each permission set’s External Client
App list.
Warning If you switch from All Users may self-authorize to Admin-approved users
are pre-authorized, anyone using the app loses access, unless a user’s permission authorizes
the external client app specifically. In addition, if users have the Use Any API Client
permission, they can access any external client app—even if its Permitted Users setting is
set to Admin-approved users are pre-authorized. Be careful when using the Use Any API Client
permission. As the name implies, you’re giving up your control over authorization.
From Setup, enter Mobile Publisher in the Quick Find box, then
select Mobile Publisher.
In the External Client App Settings tab, select Policy
Configuration for your app and click Edit.
Under OAuth policies, click the Permitted Users dropdown and
select Admin approved users are pre-authorized.
Click Save.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
