Salesforce Developer Security Connected Apps

// Salesforce - Developer - Security - Connected Apps Basics:

A connected app is an application that integrates with Salesforce using 
Salesforce APIs. It is used to leverage Salesforce OAuth capabilities. It also 
lets the administrator specify security policies on the app and define access to 
it via the connected app configuration. 

All of the Salesforce-supported OAuth 2.0 flows (except for the SAML assertion 
flow) require you to define a connected app. In the connected app definition, 
you specify the OAuth metadata about the application.

The OAuth scope of the application determines the access granted to the token 
issued via the OAuth flow. Always follow the principle of least privilege when 
defining this scope: provide only the minimum access required for the 
application's use case.

The connected app definition also lets you specify OAuth policies like 
permitted users, IP restrictions and High Security sessions.
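
A way to check a connected app definition against the scope and policy points above, as an added example (not Salesforce's own code). It assumes the app is available as a Metadata API `ConnectedApp` XML file; the element names (`scopes`, `isAdminApproved`, `ipRelaxation`) and the values `Full` and `BYPASS` should be confirmed against your org's API version, and the sample definition is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"md": "http://soap.sforce.com/2006/04/metadata"}
BROAD_SCOPES = {"Full"}  # policy choice for this example; extend as needed

# Constructed sample definition; label, e-mail and URL are placeholders.
SAMPLE = """<ConnectedApp xmlns="http://soap.sforce.com/2006/04/metadata">
    <contactEmail>admin@example.com</contactEmail>
    <label>Reporting Sync</label>
    <oauthConfig>
        <callbackUrl>https://app.example.com/oauth/callback</callbackUrl>
        <isAdminApproved>false</isAdminApproved>
        <scopes>Full</scopes>
        <scopes>RefreshToken</scopes>
    </oauthConfig>
    <oauthPolicy>
        <ipRelaxation>BYPASS</ipRelaxation>
    </oauthPolicy>
</ConnectedApp>"""


def _text(root, path):
    """Return the stripped text at path, or '' when the element is absent."""
    return (root.findtext(path, default="", namespaces=NS) or "").strip()


def audit_connected_app(xml_text):
    """Return least-privilege findings for one ConnectedApp definition."""
    root = ET.fromstring(xml_text)
    findings = []
    scopes = {(s.text or "").strip()
              for s in root.findall("md:oauthConfig/md:scopes", NS)}
    # OAuth scope: flag scopes wider than a single use case should need.
    for scope in sorted(scopes & BROAD_SCOPES):
        findings.append(f"scope {scope}: broader than one use case needs")
    # Permitted users: without admin pre-approval, users self-authorize.
    if _text(root, "md:oauthConfig/md:isAdminApproved").lower() != "true":
        findings.append("permitted users: not limited to admin-approved users")
    # IP restrictions: BYPASS relaxes IP restrictions for this app.
    if _text(root, "md:oauthPolicy/md:ipRelaxation").upper() == "BYPASS":
        findings.append("IP restrictions: relaxed for this app")
    return findings


if __name__ == "__main__":
    for finding in audit_connected_app(SAMPLE):
        print("FINDING:", finding)
```
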

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License