FAQs
Configuration & Administration
External Client App vs Connected App for CloudFiles integration
overview cloudfiles connects to salesforce using oauth 2 0 in salesforce, oauth access is managed by either a connected app or an external client app , depending on your org setup and how the integration is packaged how salesforce manages oauth access salesforce historically used connected apps, and later introduced external client apps as the modern path for managed packages; functionally both enable oauth token issuance for cloudfiles a connected app is salesforce’s long standing framework for integrating third party applications using standards like oauth, saml, and openid connect an external client app is salesforce’s newer framework for authorizing external integrations (also via oauth), and salesforce documentation now explicitly describes rest api authorization as working through either external client apps or connected apps when to use eca vs ca use the external client app (recommended) choose an external client app when you want the most stable, production ready setup for cloudfiles it supports client credentials flow , which is ideal for server to server authentication and does not rely on an individual user session it aligns with salesforce’s newer approach to managing third party oauth integrations it avoids older or less secure legacy flows that salesforce is gradually moving away from use a connected app (only if needed) a connected app is mainly useful in specific legacy scenarios your org already uses the existing managed connected app from an older cloudfiles setup and everything is working certain salesforce features or internal governance processes in your org still depend on connected apps your admin workflow requires creating connected apps, even though salesforce may manage that through external client app settings