Salesforce backup and restore for data, files and metadata
Post Reply
JonahM
Veeam Vanguard
Posts: 24
Liked: 7 times
Joined: Sep 20, 2021 5:10 pm
Full Name: Jonah May
Contact:

Per-Instance Connected Apps

Post by JonahM »

If I am understanding things correctly, it looks like when you specify tokens for the first connected app, it is used for every other connected app that gets deployed when multiple instances are backed up on the same server.


Are there plans to make it so tokens can be specified per instance? It seems like if the tokens are ever rotated it will rotate them for every connected instance.

Some instances where I could see the tokens being changed:
- A customer goes in and accidentally changes them
- A customer requires them to periodically rotate the tokens due to a company security policy
Mike Resseler
Product Manager
Posts: 8048
Liked: 1264 times
Joined: Feb 08, 2013 3:08 pm
Full Name: Mike Resseler
Location: Belgium
Contact:

Re: Per-Instance Connected Apps

Post by Mike Resseler »

Hi Jonah,

Your understanding is correct. There are indeed plans to dive further into this. Since you are requesting this as a service provider, note that we are planning a version that will have VCSP functionality in it, for today, if you want to play with it, it is best that your first connected app is your own SFDC subscription so that all customers connect to your connect app.

Hope it makes sense
MIvanov
VP, Product Management
Posts: 260
Liked: 75 times
Joined: Dec 12, 2008 2:39 pm
Full Name: Maxim
Contact:

Re: Per-Instance Connected Apps

Post by MIvanov »

Some instances where I could see the tokens being changed:
- A customer goes in and accidentally changes them
- A customer requires them to periodically rotate the tokens due to a company security policy
- Customer cannot change tokens in case a VCSP deploys the connected app in their own Salesforce organisation.

- Yes, rotation of tokens is a good thing to consider. Once you rotate tokens on your end, you need to re-authorize all organisations.

By default, with a BaaS scenario, customer does not control the connected app and should not do anything yo configure it. Creating connected app takes 10 minutes, that is along wait for the end user experience in a SaaS experience. So, if you consider other Baas solutions, you just authorize your SF org and that is it!

So, either VCSP needs to have N connected apps preconfigured with a target, lets say, 10 customers per app or have a manual deployment process with provisioning another app..
Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests