Salesforce Dictionary - Free Salesforce GlossarySalesforce Dictionary
DictionaryMManage Connected Apps
AdministrationBeginner

Manage Connected Apps

Manage Connected Apps is a Setup page that lists all Connected Apps that have been installed or created in the org, including OAuth settings, session policies, IP restrictions, and user provisioning configurations.

§ 01

Definition

Manage Connected Apps is a Setup page that lists all Connected Apps that have been installed or created in the org, including OAuth settings, session policies, IP restrictions, and user provisioning configurations. Administrators use this page to control which users can access each connected app and under what conditions.

§ 02

In plain English

👋 Study buddy

Here's a simple way to think about it: Manage Connected Apps is the inventory page for every external app talking to your org via OAuth - Slack, Outlook, internal tools, vendor integrations. Each app's OAuth scopes, IP restrictions, user provisioning, session policies live here.

§ 03

Worked example

scenario · real-world use

The admin at Apex Dynamics opens Manage Connected Apps to review the Tableau connected app configuration. She tightens the session policy to require re-authentication every 4 hours, restricts access to users with the "Analytics User" permission set, and enables IP restrictions so the app can only be accessed from the corporate VPN.

§ 04

Why Manage Connected Apps is the inventory page for every app talking to your org via OAuth

A Connected App is a record of an external system that authenticates to Salesforce - Slack, Outlook, internal tools, that vendor integration the procurement team approved last year. Manage Connected Apps lists every one of them and lets you control what each can do: which OAuth scopes are allowed, which IP ranges can use the app, which users are provisioned, what the session policies look like.

The reason it's worth a quarterly review is that integration sprawl is silent. New apps get added, old apps get forgotten, and the cumulative set is what an attacker would target through credential phishing or token theft. Treat this page as the source of truth for who has API access to your Salesforce, revoke apps that no team owns, and tighten OAuth scopes on the ones that remain.

§ 05

How to set up Manage Connected Apps

Manage Connected Apps is the org-level page for governing already-installed Connected Apps — block app, change OAuth policies, set IP relaxation, configure session settings per app. It's the day-2 management page (vs App Manager for creation).

  1. Open Setup → Manage Connected Apps

    Setup gear → Quick Find: Manage Connected Apps → Manage Connected Apps.

  2. Review the list of Connected Apps

    Each row: Name, Active, Permitted Users, IP Relaxation.

  3. Click Edit on an app to change OAuth policies

    Permitted Users (All vs Admin Approved), IP Relaxation, Refresh Token Policy.

  4. For app retirement: click Block (rather than Delete)

    Block disables the app immediately for all users. Delete removes it permanently.

  5. Configure session settings per app

    Some apps may need shorter / longer session timeouts than org default — set per Connected App here.

  6. Save

    Changes apply immediately. In-flight sessions for the app may need to refresh.

Key options
Permitted Usersremember

All users may self-authorize / Admin approved users are pre-authorized. Pre-authorized is more secure.

IP Relaxationremember

Per-app override of org Network Access settings.

Refresh Token Policyremember

Refresh token valid until revoked / expires after N days / immediately expires.

Session Settingsremember

Per-app session timeout, IP locking.

Gotchas
  • Blocking a Connected App revokes ALL active sessions. Integrations using it fail immediately — coordinate with stakeholders.
  • Per-app session settings override org defaults. A Connected App with 24-hour timeout when org default is 4 hours is less secure — review periodically.
  • Permitted Users "Admin approved users" requires explicit Permission Set assignment. Forgetting this leaves the app inaccessible to everyone.
§ 06

How organizations use Manage Connected Apps

Vanguard Solutions

Quarterly review revoked 8 stale Connected Apps with zero current users but live tokens; reduced attack surface measurably.

BlueRiver Health

After a phishing incident, Manage Connected Apps was the page where suspect tokens were revoked within minutes.

Cascade Industries

Audit revealed an over-permissive OAuth scope on a partner integration; tightening eliminated unnecessary data access.

§

Trust & references

Official documentation

Straight from the source - Salesforce's reference material on Manage Connected Apps.

Was this entry helpful?
Help us write better definitions. Quick reactions or detailed edit suggestions.
§

Test your knowledge

Q1. What is the primary benefit of Manage Connected Apps for Salesforce administrators?

Q2. Why is understanding Manage Connected Apps important for Salesforce admins?

Q3. In which area of Salesforce would you typically find Manage Connected Apps?

§

Discussion

Loading…

Loading discussion…

Back to Dictionary