Architecting Inbound Governance with External Client Apps
External Client Apps (ECAs) in Salesforce are the modern replacement for Connected Apps, providing a clearer, more secure framework for inbound external integrations. They separate application identity from administrative policies, which enables tighter governance and explicit authentication via OAuth and SAML protocols, and they enforce least-privilege access through scoped permissions. ECAs make integration management easier by supporting robust token handling, credential rotation, and lifecycle governance, while simplifying migration from legacy Connected Apps. With ECAs, Salesforce teams can build scalable, secure inbound integrations that align with modern security best practices and streamline ongoing operations.
- Use ECAs to clearly separate external client identity from user authorization.
- Select OAuth flows like Client Credentials or Authorization Code based on integration type.
- Apply least-privilege scopes aligned to specific integration responsibilities.
- Migrate from Connected Apps using automated tools or side-by-side strategies.
- Implement robust credential rotation using the Staged Credentials API.
Most Salesforce environments don’t exist in isolation. They exchange data with custom applications, partner integrations, and internal enterprise services. For years, Connected Apps enabled external systems to authenticate with Salesforce and access APIs, supporting everything from partner integrations to custom applications. As Salesforce environments become more interconnected, the way external access is defined and governed has continued to evolve. As of the Spring ’26 Release, External Client Apps (ECAs) are now the primary way to define inbound external integrations in Salesforce. They provide a structured approach to identifying external clients, configuring authentication, and governing access through configuration. For architects, this introduces a clearer model for managing external access. This blog covers how ECAs fit into the integration model and how they work in practice.