I am trying to provide a third party vendor API access to our salesforce instance. I am confused whether I need to provide them an integration user with 'API only' profile permission and correct object security - or if I need to provide them a connected app access. Can someone explain what is the purpose of authenticating with a connected app vs a single user?
Connected App is used for oauth with salesforce .Let's say you have multiple users in the external system and each of them also exists as user in SFDC and they want to access their salesforce info . Connected app helps to go through oauth flow and gain a session Id.
While integration user is a single user who is allowed to do a data load or extract data.
It really depends on multiuser vs one user