A connected app integrates an application with Salesforce using APIs. Connected apps use standard SAML and OAuth protocols to authenticate, provide single sign-on, and provide tokens for use with Salesforce APIs. In addition to standard OAuth capabilities, connected apps allow Salesforce admins to set various security policies and have explicit control over who can use the corresponding apps.
As a Salesforce admin, you install a connected app in your org to enable authentication. Then you can use profiles, permission sets, and IP range restrictions to control which users can access the app.
Here’s a general list of information that you provide when you create a connected app.
- Name, description, logo, and contact information
- URL where Salesforce can locate the app for authorization or identification
- Authorization protocol: OAuth, SAML, or both
- IP ranges from where users can log in to connected app (optional)
- Information about mobile policies that the connected app can enforce (optional)
For connected apps that use OAuth service providers, provide the following information.
- OAuth scopes (permissions given by the user running the app) and callback URL for the connected app. In return, Salesforce provides an OAuth Consumer Key and a Consumer Secret to authorize the connected app.
- How the OAuth request handles the ID token in a token response.
For connected apps that use SAML service providers, provide the following information, which you get from the service provider.
- Entity ID
- ACS (assertion consumer service)
- Subject type
- Name ID format
- Issuer for authorizing the connected app
How you deploy a connected app depends on where it’s created.
- IT departments create connected apps to use in their org.
- ISVs and other developers create apps in a Developer org and then distribute them to other orgs, for example, through AppExchange.
You can install a new version of a connected app when the developer notifies you that a new version is available. To integrate with Salesforce more tightly, you can expose the connected app as a canvas app.
“Explore – Techila Global Services, A Salesforce development company”