Salesforce Connector Security Update
Updated
Salesforce is rolling out mandatory OAuth security enhancements that apply to all partner integrations, including the Sprinklr Salesforce Connector. These updates are designed to strengthen authentication and protect customer data.
Sprinklr has implemented the required changes on our side. However, some customers must reauthenticate their Salesforce Connector to ensure uninterrupted service.
Failure to complete the required action before May 11, 2026, may result in a disruption of your Salesforce integration in Sprinklr.
Note: Your assigned Sprinklr Success Manager will reach out directly with the timeline and step‑by‑step guidance if you are impacted.
What’s Changing?
Salesforce has introduced the following security enhancements:
Proof Key for Code Exchange (PKCE)
PKCE is an extension to the OAuth 2.0 authorization flow. It protects against authorization code interception attacks during sign-in.
What this means for you
PKCE is already enabled on Sprinklr’s Salesforce Connected App.
No action is required from you for this change.
This enhancement works automatically in the background.
Refresh Token Rotation (RTR)
Refresh Token Rotation invalidates a refresh token each time it is used and replaces it with a new one. This limits the risk if a token is ever compromised.
What this means for you
A one-time reauthentication is required for prod2 environment to restore your Salesforce Connector in Sprinklr.
Do You Need to Take Action?
Action depends on your environment, as outlined below:
Environment | Action Required |
Non‑Prod2 environments | No action required. |
Prod2 environment | Reauthentication is required due to a Connected App migration. Your assigned Sprinklr Success Manager will contact you with the timeline and steps. |
Why Is Sprinklr Making This Change?
These updates are mandated by Salesforce as part of their AppExchange security standards for all ISV partners. By complying with these requirements, Sprinklr ensures:
Stronger protection for your Salesforce data
Continued compliance with Salesforce security policies
Uninterrupted operation of your Salesforce integration
For detailed information, refer to Salesforce official announcement.
Need Help?
If you have questions or need assistance with reauthentication, contact:
Your Sprinklr Success Manager, or
This release note is for informational purposes. For environment‑specific guidance, reach out to your Sprinklr Success Manager.