1. Setup Connected Apps
- Setup - Manage Apps - Connected Apps, select both Salesforce1 for iOS and Salesforce1/Chatter for Android as user may use both devices.
- Click Edit next to Salesforce1 for iOS
- Change Permitted Users under OAuth policies from All Users may self-authorize to Admin-approved users are pre-authorized
- To enhance security, you can enable PIN under Mobile Integration in this page
- Save
- Repeat the same for Salesforce1/Chatter for Android
2. Enable Profiles or Permission Sets
- Once step 1 above done, click on Salesforce1 for iOS & Salesforce1/Chatter for Android link (not Edit link)
- You will notice Profiles & Permission Sets related list added (this is because Permitted Users now is set to Admin-approved users are pre-authorized)
- Click Manage Profiles or Manage Permission Sets button
- Select Profiles or Permission Sets to enable
- Save
The same for Permission Set:
When Permitted Users set to All Users may self-authorize, user will see below screen to self approve
Once it change to Admin-approved users are pre-authorized, for user not in the approved list, user will see error below:
You can monitor user login using Salesforce1 from Login History, see Application column.
Note: until Winter '15 release, even access to Salesforce1 is not success, because user is not in approve list, but login history Status for that login is still captured as Success.
Reference: Editing a Connected App
No comments:
Post a Comment