Use API Access Control to manage access to your Salesforce APIs. With this feature, you
can restrict all users from accessing your Salesforce APIs unless they’re pre-authorized through
an approved (allowlisted) connected app. Or you can restrict only customers and partners from
accessing your Salesforce APIs unless they’re using a connected app that is installed in your
org.
Required Editions
Available in: both Salesforce Classic
and Lightning Experience
Available in: Professional, Enterprise, Performance,
Unlimited, and Developer Editions
To enable this feature, request API Access Control from Salesforce Customer
Support.
Restrict Access to APIs with Connected Apps You can use API Access Control to restrict users from accessing your Salesforce APIs, unless they’re pre-authorized through an approved connected app. Connected apps integrate external applications with Salesforce APIs. With API Access Control, you can lock down all connected apps’ access to Salesforce APIs and then approve (allowlist) specific connected apps. Using profiles and permission sets, you can then grant users access to an approved connected app. These users can access APIs through the connected app.
Restrict Customers and Partners from Accessing APIs You can use API Access Control to restrict customers and partners from accessing APIs, unless they’re using a connected app that is installed in the Experience Cloud site. Connected apps integrate external applications with Salesforce APIs. You can select which connected apps to install in the Experience Cloud site to limit access to APIs.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
