Yes, in the previous blog, we discussed how to turn off Salesforce1. Using the same method, we can block the normal user from accessing Salesforce from Workbench.
1. Connected Apps
Navigate to Setup | Apps | Connected Apps | Manage Connected Apps, click Edit link on Workbench.
Change the 'Permitted Users' value under 'OAuth policies' to 'Admin approved users are pre-authorized', and click Save.
2. To Give Access
Now, you want specific users able to access Workbench. There are 2 options:
a. Using Profile
All users in the profile will be able to access Workbench.
In the Workbench page under Connected Apps, scroll down to Profiles, click Manage Profiles button. Select all profiles that need to access Workbench, then click Save button.
b. Using Permission Set
Using Permission Set is more flexible, only users assigned with that permission set will be able to access Workbench.
But before configure in Connected Apps, you need to create a permission set without any permissions, then assign users to that Permission Set. Next, in the Workbench page under Connected Apps, scroll down to Permission Sets, click Manage Permission Sets button. Select all permission sets that need to access Workbench, then click Save button.
When a user without permission to access Workbench, the user will see an error message when try to login to Workbench OAUTH_APP_ACCESS_DENIED: user is not admin approved to access this app.
Hi Johan,
ReplyDeleteGood Article. Thanks for sharing.
I have done all this to block the user. But still the user does have access. Any idea if there is some permission or something that is still allowing the user to login.
Thanks,
Kapil
sorry to hear that, not I am aware of
DeleteThank you.Very helpful
ReplyDelete