Existing customers with End User signup issues should follow the steps in this article
Due to Salesforce security policy updates, this connection process and related permissions are effective as of September 2025. These changes reflect Salesforce’s enhanced authentication and connected app approval requirements.
As part of this update, admins will see an “Install” button in Salesforce under Setup → Apps → App Manager → Connected Apps (OAuth) when authorizing UserGems. This action does not install software or modify your Salesforce org — it simply authorizes a secure API connection allowing UserGems to access the data defined by your connected user’s permissions for the DataTest.
Who can connect UG to SFDC?
I.e. who can first click “Sign Up with Salesforce”
- Any user with the OOTB “System Administrator” profile
- Any user with “Approve Uninstalled Connected Apps” permission
- Can be granted via assigned Profile or Permission Set
- This specific permission can be revoked after initial connection is made
Since this is a Read Only data test, you may also connect a user with minimum necessary access. If this route is preferred, please just ensure the connecting user has the permissions outlined in this article.
Steps to connect UG:
- Assign permission temporarily: Have a system admin connect OR Give a trusted user Approve Uninstalled Connected Apps via permission set or profile setting (this permission can be removed after the app is installed if applicable)
- Listed under “System Permissions”
- Important: If you have a custom system admin profile, you will need to manually add the above permission to it
- Also note: If your SFDC org has “API Access Control” enabled, then the above permission will not specifically work. In this case, the connecting user needs the permission “Use Any API Client” assigned before connecting.
- You can check if SFDC has enabled “API Access Control” in your org by searching this in the Quick Find search in Setup
- If nothing shows up, this is NOT enabled
- If nothing shows up, this is NOT enabled
- You can check if SFDC has enabled “API Access Control” in your org by searching this in the Quick Find search in Setup
- Authorize & Install:
- (a) User with permission from step 1 connects app at (datatest sign up link)
- **click “Sign up with SFDC”
- (b) SFDC Admin then goes to Setup → Connected Apps OAuth Usage and click Install for the “UserGems” app so it’s registered in the org.
- “UserGems” may be listed alphabetically OR towards the very bottom of the list
- (a) User with permission from step 1 connects app at (datatest sign up link)
- Define Permitted Users: In Setup -> Manage Connected Apps…find “UserGems” then…
- Set Permitted Users = All users may self-authorize (default)
If set to Admin approved users are pre-authorized, you must assign a profile or permission set to the intended users with “UserGems” added in the “Assigned Connected Apps” section
More on the “Approve Uninstalled Connected Apps” permission
What it means:
- Lets a trusted user (usually a System Administrator) proceed with OAuth to an uninstalled connected app. Salesforce
Who needs it:
- The user in the customer’s org who is doing the connection. Standard System Administrator profiles got this automatically in Summer ’25; cloned/custom admin profiles did not.
What specifically does clicking "Install" do for a connected app?
- The connected app already exists in Salesforce (it’s been registered with OAuth settings and permissions).
- Clicking “Install” begins a trust or authorization process, where you:
- Approve the app’s access scopes (e.g., read contacts, manage data, etc.)
- Allow specific profiles, permission sets, or users to connect through that app.
- After installation, the app moves from a “not yet authorized” state to active and usable for your org or specific users.
