+ Start a Discussion

2 diffrent URL returned by API ,'Permission Denied' error and my findings

In my scontrol, initially I use following statement to initialize the scontrol


sforceClient.init("{!API_Session_ID}", "{!API_Partner_Server_URL_70}",true);


Then I will query for different things and everything looks great. At particular point of time, I need switch to different user has having more permission to save record.  So I use following line to login


sforceClient.init(null, null, false);


var loginResult = sforceClient.login(usernameName, userpwdPwd);  //I used some mechanism to hide the userid and password


Login work fine , But when I tried update the record  I get the "Permission Denied" error because of ‘trying to get the data from across domain’ issue. I am trying to save the record in sales forces and I am not trying to access different domain. By enabling 'Access data sources across domains' option in IE, work fine.


I tried debug more on this and I think found an answer.


The URL from sforeceClient (sforceClient.getUrl()) before sforceClient.login (usernameName, userpwdPwd) = https://tapp0.salesforce.com/services/Soap/u/7.0?nocache=1345677777


The URL from sforeceClient (sforceClient.getUrl()) after sforceClient.login (usernameName, userpwdPwd) =



I don’t know why salesforce is returning different url and I think because of this I am getting permission denied error.

I store the old URL before login and used it later ( sforceClient.setURL(oldURl)), everything worked like a rock.


Please let me know, what Iam doing is valid one? Any suggesion is really appreciated.. It took solid half a day to figure out this problem.






What happens if, instead of "reusing" the sforceClient context, you create a new one and use that to log in.

By this I mean you instantiate a new Sforce.Client and log in with that one, making sure to use the same endpoint.

Caveat, I have not tried this, but it's an approach that I think would work.  Please let me know.

Hope it helps, Steve Bower

 //sforceClient.init("{!API_Session_ID}", "{!API_Partner_Server_URL_70}", false);

        // do whatever you need to do with sforceClient.
        records = sforceClient.query('select... etc.');

        // Now create an administrator login context
 var admin_username = "username";
 var admin_password = "password";

 var adminClient = new Sforce.Client();
  adminClient.setSessionId(null); // make sure you're using the same endpoint. adminClient.setUrl(sforceClient.getUrl());
adminClient.setLoginUrl(sforceClient.getUrl()); var admin_lr = AdminClient.Login(admin_username, admin_password); // Now do what you need with the adminClient. var u = adminClient.update(records); // etc.


There is a slight inconsistency between the merge field url and the url returned from the login call. You'll notice the -api in the login result url.

To get around this, after the successful login, reset the url using sforceClient.setUrl("{!API_Partner_Server_URL_70}");

This will reset the endpoint to the same one that the page is being served up from.


i also have the same requirement as u had (logging as admin). Can u please send me the code which u have used so i can see how have u implemented.

Appreciate your help.