Salesforce has announced that API Access Control must be enforced, and once fully enforced, the username/password + security token method will no longer be permitted for API integrations.
https://help.salesforce.com/s/articleView?id=005228838&type=1
While the current Sisense guidance allows us to continue using token-based authentication, we belive this is only a temporary gap in Salesforce’s enforcement. We expect that Salesforce will require all integrations to authenticate exclusively through an allowlisted Connected App using OAuth.
This is not a feature request in the traditional sense. It is a compliance requirement dictated by Salesforce’s security model, and other analytics and reporting tools that integrate with Salesforce already support Connected App–based OAuth authentication natively.
To ensure long term compatibility and security, Sisense needs to provide:
- Native support for OAuth via Salesforce Connected App, without requiring manual JDBC string assembly or custom development
- A UI-driven configuration aligned with Salesforce’s allowlisting and API Access Control policies
- Clear guidance for customers migrating away from token-based authentication
Without this capability, Sisense will no longer be able to integrate with Salesforce once Salesforce completes enforcement.
Please escalate this as a priority compliance feature.