function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
TesterInSkyTesterInSky 

why the login soap call is able to return even if the password of the user is expired?

I am doing a test with the login operation. And recently, my password is exired. So I noticed that, the login call could return a sessionId and my user information, but if I use this session id to trigger another soap call, say query for example, it will be failed because of the password is expired.

 

I wonder, if the main purpose of this login call is to get a valid session for later use, why it does not throw an error when the password is expired, so we could caught the error at an earlier stage without checking the returned 'passwordExpired' status?

SuperfellSuperfell
It returns a sessionId, so that you can call setPassword/resetPassword and un-expire the password.