Connecting Salesforce to UserGems
Who can connect UG to SFDC?
I.e. who can first click “Sign Up with Salesforce”
- Any user with the OOTB “System Administrator” profile
- Any user with “Approve Uninstalled Connected Apps” permission
- Can be granted via assigned Profile or Permission Set
- This specific permission can be revoked after initial connection is made
If you are an existing customer and have already connected SFDC to UG, and you or your users are experiencing Oauth errors when trying to log in/sign up, please proceed to step 2b below.
Steps to connect UG:
- Assign permission temporarily: Have a system admin connect OR Give a trusted user Approve Uninstalled Connected Apps via permission set or profile setting (this permission can be removed after the app is installed if applicable)
- Listed under “System Permissions”
- Important: If you have a custom system admin profile, you will need to manually add the above permission to it
- Also note: If your SFDC org has “API Access Control” enabled, then the above permission will not specifically work. In this case, the connecting user needs the permission “Use Any API Client” assigned before connecting.
- You can check if SFDC has enabled “API Access Control” in your org by searching this in the Quick Find search in Setup
- If nothing shows up, this is NOT enabled
- If nothing shows up, this is NOT enabled
- You can check if SFDC has enabled “API Access Control” in your org by searching this in the Quick Find search in Setup
- Authorize & Install:
- (a) User with permission from step 1 connects app at (datatest sign up link)
- **click “Sign up with SFDC”
- (b) SFDC Admin then goes to Setup → Connected Apps OAuth Usage and click Install for the “UserGems” app so it’s registered in the org.
- “UserGems” may be listed alphabetically OR towards the very bottom of the list
- (a) User with permission from step 1 connects app at (datatest sign up link)
- Define Permitted Users: In Setup -> Manage Connected Apps…find “UserGems” then…
- Set Permitted Users = All users may self-authorize (default)
If set to Admin approved users are pre-authorized, you must assign a profile or permission set to the intended users with “UserGems” added in the “Assigned Connected Apps” section
More on the “Approve Uninstalled Connected Apps” Permission
What it means:
- Lets a trusted user (usually a System Administrator) proceed with OAuth to an uninstalled connected app. Salesforce
Who needs it:
- The user in the customer’s org who is doing the connection. Standard System Administrator profiles got this automatically in Summer ’25; cloned/custom admin profiles did not.