# Install Limio Connected App Salesforce is introducing security changes that will require Connected Apps to be explicitly installed to function correctly. As a result, any Limio customers using Limio for Salesforce must ensure the **Limio Connected App** is installed in their Salesforce org. This guide explains: * What the Connected App is * How to install it safely * Best practices for configuring security policies ## What is the Limio Connected App? The **Limio Connected App** is used to facilitate secure OAuth authentication between Limio and your Salesforce instance. Installing the app: * **Does not change** the package itself. * **Does not revoke** current tokens. * Simply creates an **Installed Connected App** record, giving admins visibility and policy controls. This installation step has become necessary due to **Salesforce’s upcoming changes to Connected App Usage Restrictions** rolling out in Q4 2025. [📘 ](https://help.salesforce.com/s/articleView?id=005132365\&type=1\&utm_source=chatgpt.com)[Salesforce Docs: Changes to Connected App Usage Restrictions – September 2025](https://help.salesforce.com/s/articleView?id=005132365\&type=1\&utm_source=chatgpt.com) ## How to install the Limio Connected App 1. **Go to Setup** in Salesforce. 2. In the Quick Find, search for **Connected Apps OAuth Usage**. 3. Locate **Limio - Connected App** in the list. 4. Click **Install** next to the app. This step makes the app **installed** for your org. It does **not affect existing OAuth tokens** or your current Limio integration. ## How to configure Connected App Policies (recommended) Once installed, you should update the app’s policies for improved security and admin control: 1. After installation, click **Manage App Policies**. 2. Click **Edit Policies**. ### Recommended settings: After installing the app, we recommend the following Connected App security settings: * **Permitted users:**\ Set to **Admin approved users are pre-authorized**.\ This limits access to users who have been explicitly granted access through a permission set or profile. * **Pre-authorized users:**\ Select a relevant **permission set** or **profile**, and assign it to your integration user.\ This avoids requiring each user to individually authorize the app. * **Refresh token policy:**\ Use the default setting: **Refresh token is valid until revoked**.\ This allows integrations to stay connected continuously. You can revoke tokens at any time if needed. * **IP Relaxation:**\ Choose the appropriate setting for your org.\ Many integrations use **Relax IP restrictions** or **Enforce IP restrictions, but relax for refresh tokens** to prevent disruptions when IPs change. * **OAuth scopes:**\ Use the default scopes provided by Limio.\ Do **not** add additional scopes unless explicitly instructed by Limio Support. [📘 ](https://help.salesforce.com/s/articleView?id=xcloud.connected_app_manage_oauth.htm\&type=5)[Salesforce Docs: Manage OAuth Access Policies](https://help.salesforce.com/s/articleView?id=xcloud.connected_app_manage_oauth.htm\&type=5) ## Why is this important? Salesforce is tightening control over Connected App usage. Starting Q4 2025: * Apps not installed via **Connected Apps OAuth Usage** may be blocked. * This will initially impact new Salesforce orgs but will become the default enforcement. **Installing the Limio Connected App now avoids disruption** and ensures you remain compliant.