Yes. The integration performs no Salesforce logins of its own, so Salesforce's MFA requirements, including the Summer '26 standard requiring phishing-resistant MFA for privileged users such as System Administrators, are unaffected by it.

How the integration authenticates: Each Salesforce user connects their own Dropbox account through Dropbox's authorisation flow. The resulting credentials are stored in a protected setting inside your Salesforce org, and all file operations are outbound callouts from Salesforce to the Dropbox API. There is no scheduled sync user and no background Salesforce login, which is why the integration generates no login history.

Why it doesn't appear as a Connected App: Connected Apps represent external software logging into Salesforce via the API. Our integration is a native managed package. It never authenticates into Salesforce from the outside, so no Connected App entry or Salesforce OAuth token exists for it.

Note: MFA applies to your users' normal interactive Salesforce logins exactly as it would without the integration installed.

Related Articles

• Technical Guide [Full Guide]
• Does Beaufort 12 have a Data Processing Addendum (DPA)?