Salesforce is rolling out new security requirements for Connected Apps starting September 2025. These changes are designed to prevent unauthorized apps from gaining access to Salesforce data. If you’re using DataGroomr, you’ll need to take action to ensure uninterrupted access.

What is changing?

Salesforce is tightening rules around uninstalled connected apps.

  • If a Connected App is authorized by a user but not installed in the org, Salesforce may block it.

  • Only apps that are properly installed and trusted in your org will continue to function normally.

How does this affect DataGroomr?

DataGroomr integrates with Salesforce through a Connected App.

  • If your org shows DataGroomr as “Uninstalled” in the Connected Apps OAuth Usage page, Salesforce may block its access.

  • This could result in failed logins or synchronization issues.

How can I make sure DataGroomr continues to work?

To ensure DataGroomr remains active and trusted in your org, follow these steps:

  1. In Salesforce, go to Setup.

  2. Search for and select Connected Apps OAuth Usage.

  3. Find DataGroomr in the list.

  4. Check the Action column:

    • If you see an Install button → DataGroomr is considered uninstalled.

    • Click Install. Salesforce will display an installation page.

    • Click Install again to confirm.

  5. Once installed, the app will appear as a trusted Connected App and remain fully functional.

What happens if I don’t install DataGroomr as a Connected App?

If DataGroomr remains uninstalled:

  • Users may see OAuth errors like error=invalid_client when logging in.

  • Scheduled jobs and real-time triggers could fail.

  • You may be unable to log in DataGroomr services until the app is installed.

Further Hardening Access to DataGroomr

Beyond installing the Connected App, you can further secure your Salesforce org by restricting access to known DataGroomr IP addresses. This ensures that only traffic coming from DataGroomr’s secure infrastructure can access your org via the Connected App.

  • In Setup → Security → Network Access, whitelist the following static IPs used by DataGroomr:

    • 52.14.107.230

    • 18.220.63.130

  • This adds an additional security layer by blocking login attempts from any other network.

  • Combining Connected App installation with IP allow-listing ensures maximum protection against unauthorized access while keeping DataGroomr fully functional.

Where can I learn more about Salesforce’s change?

Salesforce Help Article: Prepare for Connected App Usage Restrictions

Do I need to do this for both production and sandbox?

Yes. Each Salesforce org (Production, Sandbox, or Scratch Org) manages Connected Apps separately. Make sure you check Connected Apps OAuth Usage in each org where you use DataGroomr.

Who should perform this change?

  • Salesforce Admins with Setup access should perform the installation.

  • If you’re not an admin, please share this guide with your Salesforce administrator.