Configuring Connected Apps
Generate Salesforce Connected App metadata for OAuth API integrations and Canvas embeds without hand-writing XML from scratch.
Install
npx skills add https://github.com/forcedotcom/sf-skills --skill configuring-connected-appsWhat is this skill?
- Basic Connected App XML template with Api and RefreshToken OAuth scopes
- Separate Canvas App template for embedding external UIs inside Salesforce
- Placeholder-driven metadata: app name, contact email, callback URL, canvas URL
- OAuth policy knobs including IP relaxation enforce and refresh token policy
- Minimal versus Canvas variants for API-only versus embedded-app use cases
Adoption & trust: 673 installs on skills.sh; 513 GitHub stars; 3/3 security scanners passed (skills.sh audits).
Recommended Skills
Azure Deploymicrosoft/azure-skills
Azure Preparemicrosoft/azure-skills
Azure Storagemicrosoft/azure-skills
Azure Validatemicrosoft/azure-skills
Appinsights Instrumentationmicrosoft/azure-skills
Azure Resource Lookupmicrosoft/azure-skills
Journey fit
Primary fit
Connected Apps are integration artifacts created while building Salesforce-linked products, which maps to Build. OAuth callbacks, scopes, and Canvas URLs are Salesforce platform integrations—not frontend polish or launch distribution.
Common Questions / FAQ
Is Configuring Connected Apps safe to install?
skills.sh reports 3 of 3 security scanners passed. Review the Security Audits panel on this page before installing in production.
SKILL.md
READMESKILL.md - Configuring Connected Apps
<?xml version="1.0" encoding="UTF-8"?> <!-- Template: Connected App - Basic Use Case: Simple API integration with minimal OAuth configuration Replace placeholders: - {{APP_NAME}}: Application name (no spaces, alphanumeric + underscore) - {{CONTACT_EMAIL}}: Administrator contact email - {{DESCRIPTION}}: Brief description of the app's purpose - {{CALLBACK_URL}}: OAuth callback URL (must be HTTPS in production) --> <ConnectedApp xmlns="http://soap.sforce.com/2006/04/metadata"> <label>{{APP_NAME}}</label> <contactEmail>{{CONTACT_EMAIL}}</contactEmail> <description>{{DESCRIPTION}}</description> <oauthConfig> <callbackUrl>{{CALLBACK_URL}}</callbackUrl> <isAdminApproved>false</isAdminApproved> <isConsumerSecretOptional>false</isConsumerSecretOptional> <scopes>Api</scopes> <scopes>RefreshToken</scopes> </oauthConfig> <oauthPolicy> <ipRelaxation>ENFORCE</ipRelaxation> <refreshTokenPolicy>infinite</refreshTokenPolicy> </oauthPolicy> </ConnectedApp> <?xml version="1.0" encoding="UTF-8"?> <!-- Template: Connected App - Canvas App Use Case: Embedding external applications within Salesforce UI Replace placeholders: - {{APP_NAME}}: Application name (no spaces, alphanumeric + underscore) - {{CONTACT_EMAIL}}: Administrator contact email - {{DESCRIPTION}}: Brief description of the app's purpose - {{CANVAS_URL}}: URL of your canvas application - {{CALLBACK_URL}}: OAuth callback URL (must be HTTPS) Canvas Access Methods: - Chatter Feed: Embed in Chatter - Chatter Tab: Add to Chatter tab - Publisher: Add to publisher actions - Visualforce Page: Embed via Visualforce - Mobile Card: Show on mobile record pages - OpenCTI: Use in Service Cloud CTI - LayoutSection: Embed in page layouts --> <ConnectedApp xmlns="http://soap.sforce.com/2006/04/metadata"> <label>{{APP_NAME}}</label> <contactEmail>{{CONTACT_EMAIL}}</contactEmail> <description>{{DESCRIPTION}}</description> <oauthConfig> <callbackUrl>{{CALLBACK_URL}}</callbackUrl> <isAdminApproved>true</isAdminApproved> <isConsumerSecretOptional>false</isConsumerSecretOptional> <scopes>Api</scopes> <scopes>RefreshToken</scopes> </oauthConfig> <oauthPolicy> <ipRelaxation>ENFORCE</ipRelaxation> <refreshTokenPolicy>infinite</refreshTokenPolicy> </oauthPolicy> <!-- Canvas Configuration --> <canvasConfig> <canvasUrl>{{CANVAS_URL}}</canvasUrl> <accessMethod>Get</accessMethod> <!-- Canvas Locations - uncomment as needed --> <locations>Chatter</locations> <locations>Visualforce</locations> <!-- <locations>ChatterFeed</locations> --> <!-- <locations>Publisher</locations> --> <!-- <locations>MobileNav</locations> --> <!-- <locations>OpenCTI</locations> --> <!-- <locations>LayoutSection</locations> --> <!-- Canvas Options --> <lifecycleClass></lifecycleClass> <options>HideHeader</options> <options>HideShare</options> <!-- SAML Initiation Method --> <samlInitiationMethod>None</samlInitiationMethod> </canvasConfig> </ConnectedApp> <?xml version="1.0" encoding="UTF-8"?> <!-- Template: Connected App - JWT Bearer Flow Use Case: Server-to-server integration, CI/CD pipelines, headless automation Replace placeholders: - {{APP_NAME}}: Application name (no spaces, alphanumeric + underscore) - {{CONTACT_EMAIL}}: Administrator contact email - {{DESCRIPTION}}: Brief description of the app's purpose - {{CERTIFICATE_NAME}}: Name of the certificate uploaded to Salesforce Prerequisites: 1. Create a self-signed certificate or use CA-signed certificate 2. Upload certificate to Salesforce (Setup > Certificate and Key Management) 3. Use the certificate name (not file name) in this template Note: No callback URL needed for JWT Bearer flow Note: Consu