Connected apps are one of Salesforce’s great strengths. They make it easy to integrate tools, automate work, and extend what your CRM can do. But they’re also one of the least understood and most overlooked security risks in many organisations.
If you’ve ever logged in to a third party tool with your Salesforce credentials, you’ve used a connected app. That app then acts with your permissions, limited only by the OAuth scopes you granted it when you approved it, and for many apps those scopes are broad. Which means if you can see sensitive data in Salesforce, so can the app.
Looked at that way, connected apps can quietly become one of the biggest blind spots in your org.
Expert insights in this article were provided by Doug Merrett and Platinum7, specialists in Salesforce security and integration modernisation.
How Salesforce changed the rules for good reason
Salesforce has tightened how uninstalled connected apps work. From early September 2025, most users can’t use an uninstalled connected app unless you install the app in your org or grant the new Approve Uninstalled Connected Apps user permission. Previously authorised access may continue for some non-device-flow apps, but new users will be blocked. Apps using the OAuth device flow are blocked for everyone.
Separately, for installed connected apps, the default OAuth policy is still ‘All users may self authorise’, and you can change that to ‘Admin approved users are pre-authorised’ to explicitly control who can use the app.
It’s a small set of changes with a big impact on risk, but only if someone’s actively reviewing which apps are installed and who can use them.
Why not every risky app looks suspicious
A risky app rarely announces itself. Many legitimate looking tools, especially ones found on forums or shared by colleagues, can still present serious risks. What matters is where the app runs and where your data goes.
Some apps are fully on platform, written entirely in Apex or Lightning Web Components. These live inside your org and don’t send data elsewhere.
Others are hybrid apps, with part of the solution installed inside Salesforce and calls made to an external service. Think of a postcode validation tool that checks addresses against a live dataset.
Then there are pure connected apps, external systems that authenticate into your Salesforce org through OAuth or API credentials. If an external app is compromised, or if a user connects one without admin oversight, sensitive data can leave your org without anyone realising.
What you should do right now
Every Salesforce org should review its connected apps at least twice a year. It doesn’t take long, and it can save a world of trouble.
- Audit your connected apps. Go to Setup > Connected Apps > Manage Connected Apps and list every installed app that’s active and who’s using it. Then check Setup > Connected Apps OAuth Usage, which also shows apps that users have authorised but that aren’t installed in your org; those are the ones the 2025 restrictions target.
- Ask why each app exists. Is it still used? Does it add business value? If not, block it.
- Verify who built it. If it’s not from Salesforce, a trusted AppExchange partner, or a well known vendor, give it closer scrutiny.
- Lock down access. For installed apps, switch the OAuth policy to ‘Admin approved users are pre-authorised’ and grant access via profiles or permission sets. This gives you explicit control over who can use the app.
- Create a simple approval process. Encourage teams to request new integrations through a central process. That doesn’t mean slowing them down, just making sure someone checks security and compliance before it’s switched on. Salesforce’s 2025 restrictions on uninstalled apps are a good prompt to tidy this up.
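The audit above can be scripted rather than clicked through. The example below is added here and is not code from the article or from Platinum7. It assumes you have exported two SOQL queries with the Salesforce CLI (`sf data query --json`), one against the ConnectedApplication object (installed apps and whether they require admin-approved users) and one against the OauthToken object (which users have authorised which app, and when it was last used). The field names used (OptionsAllowAdminApprovedUsersOnly, AppName, UserId, LastUsedDate) are assumptions drawn from those standard objects; confirm them with a describe call in your own org before relying on the script. The records embedded below are constructed sample data, including one token for an app that is not installed anywhere in the org.

```python
"""
Audit Salesforce connected apps from exported SOQL results (added example).

Assumed export commands (field names are assumptions; verify against your org):
  sf data query --json --query "SELECT Id, Name, OptionsAllowAdminApprovedUsersOnly FROM ConnectedApplication"
  sf data query --json --query "SELECT AppName, UserId, LastUsedDate, UseCount FROM OauthToken"
"""
import json
from datetime import datetime, timedelta, timezone

STALE_DAYS = 90  # how long an app can sit unused before we flag it

# Constructed sample of `sf data query --json` output, trimmed to the fields we need.
CONNECTED_APPS_JSON = json.dumps({"result": {"records": [
    {"Id": "0H4000000000001", "Name": "Marketing Sync", "OptionsAllowAdminApprovedUsersOnly": True},
    {"Id": "0H4000000000002", "Name": "Postcode Validator", "OptionsAllowAdminApprovedUsersOnly": False},
    {"Id": "0H4000000000003", "Name": "Legacy Export Tool", "OptionsAllowAdminApprovedUsersOnly": False},
]}})

OAUTH_TOKENS_JSON = json.dumps({"result": {"records": [
    {"AppName": "Marketing Sync", "UserId": "005A", "LastUsedDate": "2025-10-01T09:00:00.000+0000", "UseCount": 120},
    {"AppName": "Postcode Validator", "UserId": "005A", "LastUsedDate": "2025-10-02T09:00:00.000+0000", "UseCount": 40},
    {"AppName": "Postcode Validator", "UserId": "005B", "LastUsedDate": "2025-10-03T09:00:00.000+0000", "UseCount": 7},
    {"AppName": "Legacy Export Tool", "UserId": "005C", "LastUsedDate": "2025-01-15T09:00:00.000+0000", "UseCount": 3},
    # A user authorised an app that has no ConnectedApplication row, i.e. it is not installed.
    {"AppName": "Some Forum Tool", "UserId": "005D", "LastUsedDate": "2025-09-20T09:00:00.000+0000", "UseCount": 1},
]}})


def parse_sf_datetime(value):
    """Parse the datetime format Salesforce emits in JSON, e.g. 2025-10-01T09:00:00.000+0000."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%f%z")


def load_records(raw_json):
    """Pull the record list out of an `sf data query --json` payload."""
    return json.loads(raw_json)["result"]["records"]


def audit_connected_apps(apps_json, tokens_json, now, stale_days=STALE_DAYS):
    """Return one finding record per app seen in either export.

    Flags: apps users authorised that are not installed, installed apps still on
    the self-authorise OAuth policy, apps nobody has a token for, and apps not
    used within `stale_days`. `now` must be a timezone-aware datetime.
    """
    installed = {r["Name"]: r for r in load_records(apps_json)}

    # Collapse tokens to distinct users and most recent use per app.
    usage = {}
    for tok in load_records(tokens_json):
        entry = usage.setdefault(tok["AppName"], {"users": set(), "last_used": None})
        entry["users"].add(tok["UserId"])
        used = parse_sf_datetime(tok["LastUsedDate"])
        if entry["last_used"] is None or used > entry["last_used"]:
            entry["last_used"] = used

    report = []
    for name in sorted(set(installed) | set(usage)):
        use = usage.get(name, {"users": set(), "last_used": None})
        findings = []
        if name not in installed:
            findings.append("uninstalled: users authorised an app that is not installed; install it or block it")
        elif not installed[name]["OptionsAllowAdminApprovedUsersOnly"]:
            findings.append("self-authorise: any user can connect; switch to 'Admin approved users are pre-authorised'")
        if use["last_used"] is None:
            findings.append("unused: no OAuth tokens exist; ask why the app is installed")
        elif now - use["last_used"] > timedelta(days=stale_days):
            findings.append(f"stale: not used in {stale_days} days; consider blocking")
        report.append({
            "app": name,
            "installed": name in installed,
            "user_count": len(use["users"]),
            "last_used": use["last_used"],
            "findings": findings,
        })
    return report


def format_report(report):
    """Render the audit as plain text lines suitable for a review meeting."""
    lines = []
    for row in report:
        last = row["last_used"].date().isoformat() if row["last_used"] else "never"
        status = "; ".join(row["findings"]) or "ok"
        lines.append(f"{row['app']}: installed={row['installed']} users={row['user_count']} last_used={last} -> {status}")
    return lines


if __name__ == "__main__":
    report = audit_connected_apps(CONNECTED_APPS_JSON, OAUTH_TOKENS_JSON, datetime.now(timezone.utc))
    print("\n".join(format_report(report)))
```

Run it against real exports by replacing the two constructed JSON strings with the files the CLI wrote. The "uninstalled" finding is the one to prioritise: it is exactly the class of access that Salesforce’s September 2025 change blocks for new users, and an installed app that still shows "self-authorise" is the one whose OAuth policy you switch in the lock-down step.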
Balancing innovation and control
This isn’t about blocking everything. Connected apps are a huge part of what makes Salesforce flexible and powerful. The goal is to enable innovation safely. The more disciplined your approach to app management, the more freedom your teams have to experiment confidently.
Think of it as smart guardrails. They don’t restrict creativity. They protect it.
The wider story of trust and transparency
Customers and regulators increasingly expect businesses to demonstrate how they protect data. Reviewing your connected apps isn’t just about preventing breaches. It’s about showing that you take trust seriously.
When you can clearly explain what systems connect to Salesforce, who controls them, and why they exist, it builds confidence inside your team and outside it.
That’s why connected apps deserve a spot in every security conversation. They sit at the crossroads of productivity and protection.
The takeaway
You don’t need to fear connected apps. You just need to manage them intentionally.
Start with an audit, review who’s connecting what, install and approve trusted apps, and switch on admin control. It’s a simple way to protect your data, your users, and your reputation.
If your connected apps are creating clutter or slowing campaigns, we can help you untangle what’s there and build a cleaner, more connected Salesforce stack that supports your marketing goals. Let’s talk about how to make your data work harder and smarter.