Skip to main content

Comply with New Salesforce Policies for Connected App Access

Fix the Salesforce OAuth errors for People.ai Connected Apps.

Updated this week

Who this article is for

This guide is for all People.ai customers with an active Salesforce integration. If your organization syncs data between People.ai and Salesforce, or if your users access People.ai applications (like PeopleGlass), these steps are mandatory to prevent future service interruptions.

Cause

Recently, Salesforce changed its security policy to restrict the use of uninstalled Connected Apps. This is not an issue with the People.ai platform, but a new, mandatory requirement from Salesforce that requires a one-time setup action from all customer administrators.

This policy affects both the core People.ai data integration and the PeopleGlass application.

The Salesforce policy now blocks any new or re-authenticating users from accessing applications that an administrator has not explicitly installed and authorized. While existing connections may continue to work until their token expires, all clients will eventually be impacted.

For full details on the change, Salesforce's recommendations, and instructions on administering Connected Apps to comply, please refer to this Salesforce Help Article: Prepare for Connected App Usage Restrictions Change.

Understanding the People.ai Apps in Salesforce

To ensure you are configuring the correct component, it's essential to understand the primary People.ai Connected Apps in Salesforce.

  • People.ai Integration App (for Data Sync) This app manages the background data sync between the core People.ai platform and Salesforce. It is configured from the Integrations page within the People.ai application. This app may also show up as: "People.ai".

  • PeopleGlass App (User Login)- This app manages user authentication for the PeopleGlass application. You should focus on this app if your users are reporting errors when logging in to PeopleGlass.

  • People.ai Canvas App (for Embedded UI). This app is used to embed the People.ai user interface directly into your Salesforce pages. It is installed via a Managed Package and configured separately. The steps below do not apply to the Canvas App.

Symptoms

Your organization may be affected by this policy change if:

  • Your background data sync for the core People.ai platform is failing with permission errors. Logs may show an OAUTH_APP_ACCESS_DENIED error.

  • When your users attempt to access PeopleGlass, Salesforce redirects them to an error page with the following (or similar) message: OAUTH_APPROVAL_ERROR_GENERIC : An unexpected error has occured during authentication. Please try again.

  • You see no data in the Permissions section of the People.ai Integrations > CRMs page.

  • You have tried to Re-Authorize the Salesforce <> People.ai Connection without success.

  • You are notified by your People.ai Customer Success Manager (CSM) or a Support representative that the integration connection is failing or at risk.

How to authorize the Connected App

The following steps are now mandatory for both new and existing Salesforce connections.

Part 1: Initiate the connection (for new or re-authorizing setups)

  1. From the People.ai application, navigate to Integrations and attempt to Authorize your Salesforce connection.

  2. This initial attempt may fail with an error, but it is a necessary step to make the Connected App visible to your Salesforce administrator for the following steps.

Part 2: Authorize the app in Salesforce (for all customers)

A Salesforce Administrator must perform the following steps:

  1. Navigate to Setup > Connected Apps OAuth Usage.

  2. Find the correct People.ai application you need to authorize (e.g., People.ai Integration App or PeopleGlass) and click Install.

    • Note: The app may appear in this list simply as People.ai.

  3. Click Manage App Policies.

  4. Click Edit Policies.

  5. In the OAuth Policies section, locate the Permitted Users dropdown and select 'Admin-approved users are pre-authorized'.

  6. Click Save.

  7. On the Connected App page, click "Manage Permission Sets" or "Manage Profiles" to add the specific integration user group that requires access.


This is an excellent opportunity to review your overall integration settings for People.ai. You may need to re-authorize the integration user.

How to check that data is flowing between CRM and Peopl.ai.

  • Check the Connections and Package tab in the UI. You can find this page by navigating to Integrations > CRMs.

  • Check the Permissions Tab on the same page as above. A recent "Last Synced" date and time is strong evidence that data is flowing.

  • The Sync Log tab shows a history of push (towards Salesforce) and pull (from Salesforce to People.ai) operations. Recent successful events on this page is also strong evidence that data is flowing.

Completing all three checks should indicate that data is flowing; however, if you encounter any issues, you can reach out to support@people.ai for assistance.

FAQS

1. Why is this action suddenly required? This is required due to a mandatory security update from Salesforce that requires administrators to approve all third-party applications explicitly.

2. Is the People.ai service down, or is this a bug? No, the People.ai service is fully operational. The error is a direct result of the new Salesforce security policy.

3. Why can some of my teammates still access PeopleGlass, but I can't? The Salesforce update primarily affects users who log in for the first time or re-authenticate. A teammate with an active session may not see the error until it expires.

4. What is the difference between this and the People.ai security update from September 5th? They are two separate events. The People.ai security update on September 5, 2025, was a planned action that logged all users out. The separate Salesforce-driven policy change is causing the login error you are currently experiencing.

5. As an administrator, do I need to authorize every user one by one? No. After setting the Permitted Users policy, you can efficiently grant access by adding an entire user Profile or Permission Set to the Connected App.

6. Does this Salesforce change impact any of our other applications? Yes, it's possible. This change affects all "uninstalled" Connected Apps in your Salesforce environment, not just People.ai applications.

Did this answer your question?