+ Start a Discussion

email header

currently I'm using the web services API to provision Salesforce users. I'm setting the email header to send the new user the temporary password in the following way:

EmailHeader emailHeader = new EmailHeader();
binding.setHeader("urn:partner.soap.sforce.com", "EmailHeader", emailHeader);
sr = binding.create(user);

For some reason, the first time the new user logs in to salesforce with my SAML-based SSO feature, it says the password is expired and asks the user to set a new password for security reasons with no fields for entering the old password or the security question. What the new user should really be seeing is a prompt to change his password, with fields for the old password, new password, and the security question. Why is this not happening?

I noticed that when I reset the password for the new user using the API, salesforce said that the password is expired and showed the first case that I talked about. So I'm guessing maybe, when I set the email header, salesforce also resets the password? But that doesn't make any sense...Anyway, when I take out that chunk of code about the email header, I get the correct prompt to change the password from old to new with the security question. Only problem is now I won't get the email with the temporary password that I can enter. So it's kind of a circular problem. Any ideas?