|User Permissions Needed|
|To manage, create, edit, and delete OAuth apps:||“Manage Connected Apps”|
Now you can set such security policies as:
- Who can run the connected app
- How long a user’s session can be
- Whether IP restrictions are enforced
- Whether a mobile connected app requires a PIN
Check it out. Go to your Connected Apps OAuth Usage page. From Setup, enter Connected Apps in the Quick Find box and select Connected Apps OAuth Usage. The page looks a little different with this release.
The connected apps in your org still have a link to adjust security policies, but we’ve renamed it to Manage App Policies. Clicking the link takes you to the app’s detail page. From there, you click Edit Policies to modify the app’s policies to meet your access and security needs.
But what about the connected apps that don’t have a link to the app’s detail page? These apps were created by developers in another org. Users can connect to them because OAuth apps are available throughout Salesforce. However, you can’t manage their security policies because they’re not installed in your org.
Until now. With this release, you can install the apps locally so that you can manage them. Click Install next to the app and the Manage App Policies link appears. Click the link to go to the app’s detail page, and then click Edit Policies to modify the policies to meet your access and security needs.
After you’ve installed the app, the button changes to Uninstall. However, it’s recommended that you uninstall an app only when the original developer deletes the app on the other org. Uninstall doesn’t remove the connected app. Instead, it removes the OAuth policies that you set for the app in your org. You’re actually loosening your security measures. To make the connected app inaccessible to your org’s users, click Block. Blocking an app ends all current user sessions with the connected app and blocks all new sessions. You can restore access to the app by clicking Unblock.