function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
mobilemashupmobilemashup 

how many characters is the SFDC security token?

Hi,

We have a ruby on rails 2.0 app that is talking to the APIs and have been certified on the app exchange (so we have an api key).

  1. Some users CAN successfully connect to their SFDC accounts (enterprise edition, professional edition, developer edition)
  2. But other users (in other companies) get the dreaded "invalid security token/user locked out" error.
Both sets of users are passing their valid SFDC login/password/security tokens. We did notice that those users that CAN successfully login have a 25-character security token. While those that could NOT login have security tokens with ONLY 24 characters.

We looked at the security token email sent by Salesforce, and those users who could NOT login REALLY only have 24 characters. Example email from salesforce:

Your new security token is below. Note that security tokens are case sensitive.

User Name: <removed for security purposes>

Security Token: k5NfcZA7XmGIgnoedA0IZwsF

Please add your security token to your password. Note that you do not enter a security token in place of your password when logging into Salesforce via a browser.

How long is the security token supposed to be? Anyone know why some customers have security tokens with ONLY 24 characters, while others have 25 characters?

I appreciate any other ideas on how to solve this "login" mystery.

thanks.
SuperfellSuperfell
there's no fixed length, both 24 & 25 character length tokens are possible. you'll want a couple of things to help diagnose these, the exact error code and message from the login attempt, and to see what login history shows for that login attempt.