What is oAuth in Salesforce?
Salesforce can connect to external applications that reference and view your Salesforce data via a method called oAuth. With oAuth, the third-party tools are allowed to access data within your Salesforce instance that it is given access to. This authentication is unique by environment. This means that if you give access via oAuth to Workbench for your Sandbox, there is no inherent access to your Production environment. The other benefit of using oAuth for connection is that your password is never shared with the third-party application.
In this post, I will walk you through how to view which apps have been granted connection permissions via oAuth. In addition, I will also walk you through how to view who is using that connection.
How to View Apps with oAuth Permissions
First, to view which apps have been granted access to your environment, navigate to Setup. In the Quick Find box, search for “Connected Apps oAuth Usage”.
Once you have navigated to this area, click on “Connected Apps oAuth Usage.” Here, you will be presented with a list of apps that currently have an oAuth connection.
You can see here, under the Workbench entry, that there is 1 user who has leveraged the oAuth connection. You also have the ability to easily block or uninstall access directly from this screen. In a future blog post, I will discuss what the Manage App Policies functionality does for these connected apps.
If I were to click the 1 under user count, we would be presented with this view.
Notice in this section, that the username of the person who has accessed the tool via oAuth is displayed. Additionally, the user’s total number of uses is also displayed. This will also display the last time they used the 3rd party tool. If I needed to revoke access for a certain user (assuming multiple users were listed on the above screenshot), I could do that by clicking the revoke button next to their name. If I wanted to revoke access for all users for whatever reason, you can also do that via the revoke all button.
Salesforce allows administrators to monitor and protect the security of their environment via the Connected Apps section. It also allows administrators to quickly and easily suspend or revoke access for both individual users and the entire organization.
- Salesforce Help: Authorize Apps with oAuth