function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
whatstinwhatstin 

Having trouble getting Access Token with username/password

Hi All,

 

Not sure what I'm missing. I've been looking at this for a while and can't figure out what I'm doing wrong.  I'm trying to get a token that doesn't expire so that I can make calls to the REST api.  Here are some examples of my requests and responses.

 

None of these have worked.  What am I doing wrong?

 

curl -F "grant_type=password&client_id=my_remote_access_consumer_key&client_secret=my_remote_access_consumer_secret&username=dustin@example.com&password=my_password" https://na9.salesforce.com/services/oauth2/token

 

response: {"error":"unsupported_grant_type","error_description":"grant type not supported"}

 

curl -d "grant_type=password" -d "client_id=my_remote_access_consumer_key" -d "client_secret=my_remote_access_consumer_secret" -d "username=dustin@example.com" -d "password=my_password" https://na9.salesforce.com/services/oauth2/token

 

response: {"error":"invalid_grant","error_description":"authentication failure - Failed: API security token required"}

 

curl -d "grant_type=password&client_id=my_remote_access_consumer_key&client_secret=my_remote_access_consumer_secret&username=dustin@example.com&password=my_password" https://na9.salesforce.com/services/oauth2/token

 

response: {"error":"invalid_grant","error_description":"authentication failure - Failed: API security token required"}

 

Here's my attempt to use the SOAP login() method:

 

curl https://na9.salesforce.com/services/Soap/u/21.0 -H "Content-Type: text/xml; charset=UTF-8" -H "SOAPAction: login" -d @soap.txt

 

where soap.txt is:

 

<?xml version="1.0" encoding="utf-8" ?> <env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema"
<env:Body>
<n1:login xmlns:n1="urn:partner.soap.sforce.com">
<n1:username>dustin@example.com</n1:username>
<n1:password>my_password</n1:password>
</n1:login>
</env:Body>
</env:Envelope>

 

 

 

response:

<?xml version="1.0" encoding="UTF-8"?>

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">

 <soapenv:Body>

 <soapenv:Fault>

 <faultcode>soapenv:Client</faultcode>

 <faultstring>Element type &quot;env:Envelope&quot; must be followed by either attribute specifications, &quot;&gt;&quot; or &quot;/&gt;&quot;.</faultstring>

 </soapenv:Fault>

 </soapenv:Body>

</soapenv:Envelope>

 

 

I don't need to know how all of these work, just one.

 

Thanks in advance for the help.

Dustin

SuperfellSuperfell

 

This works for me, which seems similar to your example 2, note that i send the request to login.salesforce.com, and not a particular instance, this may be responsible for the errors you're seeing.
curl -d "username=sforce2@zaks.demon.co.uk" -d "password=password" -d "client_id=3MVG99OxTyEMCQ3hP1_9.Mh8dF9TWo9xz6pJ7Hn_6m5irZ1id.xk4XR89yKEuRufdqMbJuBobXTVOqnD0xri_" -d "client_secret=some_secret" -v -d "grant_type=password" https://login.salesforce.com/services/oauth2/token 

> POST /services/oauth2/token HTTP/1.1
> User-Agent: curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8l zlib/1.2.3
> Host: login.salesforce.com
> Accept: */*
> Content-Length: 201
> Content-Type: application/x-www-form-urlencoded
> 
< HTTP/1.1 200 OK
< Server: 
< Cache-Control: no-store
< Content-Type: application/json; charset=UTF-8
< Content-Length: 339
< Date: Thu, 12 May 2011 16:54:47 GMT
< 
* Connection #0 to host login.salesforce.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
{"id":"https://login.salesforce.com/id/00D300000000QSfEAM/00530000000dImzAAE","issued_at":"1305219288343", ....

 

 
whatstinwhatstin

This is quite strange.  Any chance I could Private Message you and give you my username/password?  

 

This is just a developer account that I'm doing this with.  It must be something wrong with how I've configured the app in the Remote Access setup screen.

 

Here is my remote access setup screen with some of the secret items blocked out:

http://bit.ly/kOj6kj
whatstinwhatstin

I found the solution.

 

If you go all the way down on this page:

http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_at_Salesforce.com#Token_Refresh

 

You'll see that it says:

password

The API user's Salesforce.com password. If the client's IP address has not been whitelisted in your org, you must concatenate the security token with the password.

 

Ugh.

 

So, you have to log in, go to Setup > My Personal Information > Reset My Security Token.


Then, it will email you your security token.


Then, you take that security token and append it to your password in the curl request.

 

So, this works:

 

curl -d "grant_type=password" -d "client_id=my_remote_access_consumer_key" -d "client_secret=my_remote_access_consumer_secret" -d "username=dustin@example.com" -d "password=my_password+security_token" https://na9.salesforce.com/services/oauth2/token

 

For the record, that was buried and very poorly documented as far as I can tell.

 

This is from the Reset Security Token interface:

How to enter your security token:
 
When accessing salesforce.com either via a desktop client or the API from outside of your company's trusted networks:
 
If your password = "mypassword"
And your security token = "XXXXXXXXXX"
You must enter "mypasswordXXXXXXXXXX" in place of your password
 
Note that you do not enter a security token in place of your password when logging into salesforce.com via a browser.
kirkevonphillykirkevonphilly

Hi Simon,

 

I was working on an issue with Salesforce and oAuth using the password flow.

 

Your first reponse caught my eye.  I was just curious if you were using a dev instance or a production instance?

 

Whenever I attempt to use login.salesforce.com... as opposed to my naX.salesforce.com, I result in a {"error":"unknown_error","error_description":"retry your request"} message.  Your respose was the first that seemed to indicate someone had it working with simply login.salesforce.com

 

Thanks in advance!
DarRayDarRay

I had same trouble and got resolved by resetting security token.

 

The place of resetting security token had found on the menu on upper right coner which has links like this > <logged user> | Setup | Help

 

From those links select,

<Logged Username > My Settings > Personal > Reset My Security Token

instead of the place Setup > My Personal Information > Reset My Security Token

which cannot be locate for me.

 

I'm new to salesforce and i assumed there has been some UI changes make these difference.

 

Hope this would help someone like me. :)

 

Thanks

DarRay
prince babyprince baby
Its quite simple. I wonder why no one mentioned it here. You guys are doing it right except one part wrong.
grant_type=password, this is constant. Don't replace password with any password. keep it as it is. So this is what you have to run.

curl -d "grant_type=password" -d "client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" -d "client_secret=5014606373847379843894729400" -d "username=you@gmail.com" -d "password=mypassword1234rvloVsadfafsayTKwUvvnkv9uP" https://na9.salesforce.com/services/oauth2/token