+ Start a Discussion
jon1.3903427820537283E12jon1.3903427820537283E12 

REST API Quickstart - Requesting a security token

We are using cURL (per quickstart instructions) to initiate REST API connectivity. 

When issuing the command to get a security token - https://na11.salesforce.com/services/oauth2/token - we get back the error:

Failed: API security token required","error":"invalid_grant"

Which seems odd, since we're asking for the token. The client_id, client_secret, grant_type, username, and password all look fine. 

Assuming all that information is correct, what other reasons would the app not grant a security token?
SuperfellSuperfell
For programatic logins you may need to include the users API security token (this is a token belonging to the user, they can reset it via setup). Whether this is required or not depends on the security & network settings in your org. This is a separate token to the OAuth token, which is a per user/per application token. 
jon1.3903427820537283E12jon1.3903427820537283E12
Thanks for your response. I'm familiar with getting my API security token manually through the SF UI. The API Quickstart seems to be specifying a an API call to actually get the token, so it can be used in subsequent calls. But then it says we need a token...
SuperfellSuperfell
The error message is asking you to provide the users API security token, this is different to the OAuth you are making the request for.
jon1.3903427820537283E12jon1.3903427820537283E12
Yes - I finally realized that! So API Security token initially, and then an OAuth refresh token for subsequent token requests. Thanks