+ Start a Discussion
dotNetkowdotNetkow 

REST API: Security token needed?

As shown here in Step Two of the Quick Start section, one should be able to get an access token by simply using the username/password combination.  When I went to a session on the REST API during Dreamforce 2011, this was a valid approach.  Now, we have to append the user's security token to the password.  Is it possible to avoid using the security token, or has Salesforce changed this for good?

 

UPDATE:

From the Digging Deeper into Oauth 2.0 page, found out that the security token is necessary unless "the client's IP address has been whitelisted in your org".  Adding a new trusted IP address range can be done via Setup -> Administration Setup -> Security Controls -> Network Access.

Best Answer chosen by Admin (Salesforce Developers) 
SuperfellSuperfell

If you use the username/password oauth flow you'll need the security token depending on where you login from, same as the soap API.

All Answers

SuperfellSuperfell

If you use the username/password oauth flow you'll need the security token depending on where you login from, same as the soap API.

This was selected as the best answer
dotNetkowdotNetkow

Ok - thanks Simon!