Salesforce is retiring the Resource Owner Password Credentials (ROPC) security policy for connected apps. Oracle Integration customers using the Salesforce Adapter with ROPC-based connections should migrate to a supported OAuth-based configuration before the Salesforce Winter 2027 release to avoid disruption.

Attention Oracle Integration Customers Using Salesforce Adapter

This blog applies to integrations that use ROPC-based Salesforce Adapter connections with connected apps.

Problem Statement

Salesforce has disabled the creation of new connected apps and has announced the retirement of ROPC for connected apps. Existing connected apps that use the ROPC policy are supported only until the Salesforce Winter 2027 release. See Retirement of Connected Apps and Retirement of OAuth 2.0 Username-Password Flow for Connected Apps.

Impact on Existing Integrations

Integrations that use ROPC-based Salesforce Adapter connections must be migrated to a Salesforce Adapter connection that uses the Authorization Code Credentials security policy. This change does not apply to the Salesforce REST Adapter, which does not support ROPC. Failure to complete this migration may result in integration disruption.

Required Action

You must complete the following actions:

  1. Migrate the existing Salesforce connected app to an external client app, if the app is eligible for migration.
  2. Create or update the Salesforce connection in Oracle Integration and configure it to use the Authorization Code Credentials security policy.
    Note: Salesforce recommends using the Custom Domain for secure connections because Salesforce will no longer support instance URLs, old non-enhanced domains, and redirected legacy hostnames. See Enhanced Domains Timeline and Salesforce Adapter User Guide.           
  3. Update the integration to use the new or updated Salesforce Adapter connection.
    a. Open the integration in Oracle Integration.
    b. Replace the old Salesforce Adapter connection with the new or updated Salesforce connection.
    c. Save the integration changes.
    d. Refresh the integration endpoints so the updated connection details are picked up.
    e. Review the integration for any validation errors.
    f. Reactivate the integration.

For detailed migration guidance, see Migrate Resource Owner Password Credentials (ROPC)-Based Connections

Conclusion   

Avoid integration disruption by ensuring that Salesforce Adapter integrations using ROPC-based connections are migrated ahead of the Salesforce Winter 2027 release.

Migrating to the new Salesforce Adapter connection type simplifies ongoing maintenance and helps ensure continued compatibility with Salesforce updates.

If you are also using Basic Authentication with the Salesforce Adapter, see Action Required – Migrate from Basic Auth to OAuth for the Salesforce Adapter in Oracle Integration by Summer ’27.