Newer Version Available

This content describes an older version of this product. View Latest

Manage OAuth-Enabled Connected Apps Access to Your Data

All users can manage a OAuth-enabled connected app’s access to their Salesforce data from their personal settings. The apps that have permission to access Salesforce data are listed under advanced user details. Users can get information about each app and revoke the app’s access.
Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
Available in: All Editions

User Permissions Needed
To manage, create, edit, and delete OAuth apps: Manage Connected Apps

OAuth-enabled connected apps are integrated with Salesforce, so they can access a subset of your Salesforce data after you explicitly grant each app permission.

Go to your personal settings to see which connected apps have permission to access your Salesforce data. Then revoke a connected app’s access, as needed.
  1. From your personal settings, enter Advanced User Details in the Quick Find box, then select Advanced User Details. No results? Enter Personal Information in the Quick Find box, then select Personal Information.
  2. In the OAuth Connected Apps section, you can:
    • View information about each connected app that you’ve granted access to, the number of times, and the last time the app attempted to access your information.
      • A connected app can be listed more than once. Each time you grant access to an app, it obtains a new access token. Requests for refresh tokens increase the use count. Also, if an OAuth 2.0 connected app requests multiple tokens with different scopes, you see the same app multiple times.
      • Even if the connected app failed to access your information because it couldn’t log in, the Use Count and Last Used fields are updated.
      • Each connected app allows five unique approvals per user. After a fifth approval is made, the oldest approval is revoked. For OAuth 1.x, each issued access token counts as an approval and is listed as a separate entry in the table. For OAuth 2.0, the table lists each refresh token that counts as an approval. Other flows, such as user-agent flows, might also count as approvals. For consumers that use connected apps, avoid requesting OAuth 1.x access tokens or OAuth 2.0 refresh tokens more than once for each device. That way the limit of five unique approvals doesn’t impact your org.

      Note

    • Click Revoke to revoke the app’s access. After you revoke the app, it can no longer access your Salesforce data.

      Revoke all access tokens for a particular app to prevent it from accessing your Salesforce data.

      Important