Upcoming Authentication Change for Nintex DocGen for Salesforce – Take Action Before 2026
Some customers are still using an older authentication method that future package versions of Nintex DocGen for Salesforce (starting very early 2026) will no longer support.
We’re encouraging customers to switch to our supported authentication method, Connected Apps and OAuth, now so they won’t experience service interruptions or last-minute issues during a future app upgrade.
What’s Changing?
Starting with Nintex DocGen for Salesforce package versions released after January 2026, the app will no longer support running DocGen Packages without Connected Apps and OAuth enabled.
What this means:
- If you stay on your current package version (released before January 2026):
DocGen for Salesforce will continue working as it does today, even if you haven’t enabled OAuth yet. - If you upgrade to a new package version (released after January 2026) and have NOT enabled OAuth:
DocGen automated runs will fail with authentication errors.
Manual runs will still work, but each user will be prompted to authorize the app the first time they run a DocGen Package
What Customers Should Do Now
- Go to Nintex Admin → Settings in Salesforce
- Check the status of the Connected Apps and OAuth setting.
- If the setting is already ON, no further action is needed. You’re already using Connected Apps and OAuth and are ready for future updates.
- If the setting is OFF, we recommend turning it ON at your earliest convenience.
Follow these simple steps to turn it on.
After the switch is flipped, users can expect a few changes.
| Scenario | What Happens |
| Manual Runs (button clicks, Lightning Component runs) | Users will see an Authorize and Run button the first time they generate a document. |
| Automated Runs | Will continue working if the automation user has already completed OAuth authorization. If not, these runs may fail until authorization happens. |
How can users authorize?
You can manage how users authorize Nintex DocGen in Salesforce by adjusting the Permitted Users OAuth Policy for the Connected App.
Two Options:
| Option | What It Means |
| All users may self-authorize (Default) | Each user will be prompted to authorize the first time they run a DocGen Package. |
| Admin approved users are pre-authorized | Only users with a specific Salesforce profile or permission set can run DocGen without needing to authorize manually. |
This video provides a quick overview of the available options.
📌Tip:
To avoid large numbers of users seeing authorization prompts, many customers choose Admin approved users are pre-authorized and then manage user access via Salesforce Profiles or Permission Sets.
For more specifics, see Salesforce Help: Manage OAuth Access Policies for a Connected App
Summary
Avoid last minute issues. Test the change in sandbox now, then roll it out to production.
Next Steps:
- Turn on Connected Apps and OAuth in Nintex Admin.
- Review and set your preferred Salesforce OAuth Policy for the Nintex DocGen Connected App.
- Have users complete OAuth authorization.
Doing this now ensures your DocGen for Salesforce processes keep running smoothly—even after your 2026 upgrade.