A connected app is a framework that enables an external application to integrate with Salesforce using APIs and standard protocols, such as SAML, OAuth, and OpenID Connect. Connected apps use these protocols to authenticate, authorize, and provide single sign-on (SSO) for external apps. The external apps that are integrated with Salesforce can run on the customer success platform, other platforms, devices, or SaaS subscriptions. For example, when you log in to your Salesforce mobile app and see your data from your Salesforce org, you’re using a connected app.
A connected app is a primary means by which a mobile app connects to Salesforce. Although not required, you can use Salesforce Mobile SDK to build mobile applications as connected apps. These connected apps can access Salesforce OAuth services and call Salesforce REST APIs.
For more information about Salesforce Mobile SDK, see Mobile SDK Development Guide.
- Create your connected app, and complete its basic information.
- Enable these OAuth Settings:
- Enter a callback URL. Mobile SDK uses this URL to call back to your application during authorization. For Mobile SDK, this value must match the OAuth redirect URI specified in your app’s project configuration.
- Select the following OAuth scopes: Access and manage you data (api), Perform requests on your behalf at any time (refresh_token, offline_access), and Provide access to your data via the Web (web).
- Deselect Require Secret for Web Server Flow if the Mobile SDK app performs authorization through the device’s native browser.
- Enter the mobile start URL to direct users to a specific location when the app is accessed from a mobile device.If you don’t enter a mobile start URL, users are sent to the start URL defined under Web App Settings.If the connected app you’re creating is a canvas app, you can skip this field. The Canvas App URL field contains the URL that gets called for the connected app.
- Select PIN Protect if your app supports PIN protection. This setting allows the admin to set the session timeout and PIN length for mobile applications after installing the connected app.Salesforce Mobile SDK supports PIN protection. You can also implement it manually by reading the
mobile_policyobject from the user’s Identity URL.
- For App Platform, specify the app platform, such as iOS.
- For Restrict to Device Type, specify the supported device form factors for the mobile app. If the app supports all form factors, don’t choose a value.
- For App Version, enter the version number of the mobile app.
- For Minimum OS version, enter the version required for the app.
- To confirm that this app is only for internal (non-public) distribution, select Private App . This setting is required because Apple doesn’t allow distribution of public mobile apps outside of its App Store.
- If the mobile app is private, specify the location of the Mobile App Binary file. The format of the file is IPA for iOS, and APK for Android.
- For iOS apps only:
- Specify the location of the Application Icon that is displayed while the app is being downloaded and installed on an iOS device.
- Specify the iOS Bundle Identifier.For iOS 7 and later, use the same bundle identifier that you used when developing the app in XCode. If you don’t, users see two app icons during installation.
- If the mobile connected app is a public app and you haven’t uploaded its binary file to Salesforce, enter the app binary URL.NOTE If you remove mobile integration from a new version of an existing connected app, mobile integration is removed from all versions of the app. For example, you publish a package containing version 1.0 of your connected app with mobile integration. You then remove mobile integration from the app, repackage it, and publish it as version 1.1. If a customer installs the earlier package with version 1.0, the connected app doesn’t contain mobile integration.
- Enable push notifications, as needed. See Mobile Push Notifications.
- When you’ve configured all settings for your connected app, click Save.