Upcoming Authentication Change for Nintex DocGen for Salesforce – Take Action Before 2026
Some customers are still using an older authentication method that future package versions of Nintex DocGen for Salesforce (starting very early 2026) will no longer support.
We’re encouraging customers to switch to our supported authentication method, Connected Apps and OAuth, now so they won’t experience service interruptions or last-minute issues during a future app upgrade.
What’s Changing?
Starting with Nintex DocGen for Salesforce package versions released after January 2026, the app will no longer support running DocGen Packages without Connected Apps and OAuth enabled.
What this means:
- If you stay on your current package version (released before January 2026):
DocGen for Salesforce will continue working as it does today, even if you haven’t enabled OAuth yet. - If you upgrade to a new package version (released after January 2026) and have NOT enabled OAuth:
DocGen automated runs will fail with authentication errors.
Manual runs will still work, but each user will be prompted to authorize the app the first time they run a DocGen Package
What Customers Should Do Now
- Go to Nintex Admin → Settings in Salesforce
- Check the status of the Connected Apps and OAuth setting.
- If the setting is already ON, no further action is needed—you’re already using Connected Apps and OAuth and are ready for future updates.
- If the setting is OFF, we recommend turning it ON at your earliest convenience.
What to Expect After Enabling Connected Apps and OAuth
Important: How Users Will Experience This
| Scenario | What Happens |
| Manual Runs (button clicks, Lightning Component runs) | Users will see an Authorize and Run button the first time they generate a document. |
| Automated Runs | Will continue working if the automation user has already completed OAuth authorization. If not, these runs may fail until authorization happens. |
Optional: Controlling User Authorization Behavior
You can manage how users authorize Nintex DocGen in Salesforce by adjusting the Permitted Users OAuth Policy for the Connected App.
Two Options:
| Option | What It Means |
| All users may self-authorize (Default) | Each user will be prompted to authorize the first time they run a DocGen Package. |
| Admin approved users are pre-authorized | Only users with a specific Salesforce profile or permission set can run DocGen without needing to authorize manually. |
Tip:
To avoid large numbers of users seeing authorization prompts, many customers choose Admin approved users are pre-authorized and then manage user access via Salesforce Profiles or Permission Sets.
For more info, watch the short video below and see Salesforce help:
Manage OAuth Access Policies for a Connected App
Summary
| If you act now | If you wait until 2026 |
| No service disruption | Automated DocGen runs may fail |
| Users get authorized ahead of time | Urgent fixes and user communication needed |
| Smooth upgrade experience | Last-minute troubleshooting |
Next Steps:
- Turn on Connected Apps and OAuth in Nintex Admin.
- Review and set your preferred Salesforce OAuth Policy for the Nintex DocGen Connected App.
- Have users (or automation accounts) complete OAuth authorization.
Doing this now ensures your DocGen for Salesforce processes keep running smoothly—even after your 2026 upgrade.
Here are some more helpful links related to OAuth Community articles: