+ Start a Discussion
Suresh_SoftsquareSuresh_Softsquare 

LOGIN_MUST_USE_SECURITY_TOKEN exception even after white listing Salesforce IP

I have implemented logic to invoke Force.com API's login method from apex (I am constructing the SOAP message through the code and post it as HTTP callout to the API endpoint). It used to work fine by sending username and password alone (without the security token). About a month ago we found that the login failed. We then added the Salesforce IPs in Network Access. The salesforce IPs are obtained from the wiki page below
https://help.salesforce.com/apex/HTViewSolution?urlname=Salesforce-IP-Address-to-whitelist&language=en_US

After this, the login worked. But starting from last week, we are again facing an issue. We are getting the "LOGIN_MUST_USE_SECURITY_TOKEN" exception from the API. After some research on this, I found that the source IP address of Salesforce in the HTTP request is different from the ones provided in the list. Has Salesforce added new IP ranges for their servers? Even after adding the IP, that I found, I am getting the same exception. Only when I include the Security token, the login succeeds. Anybody here facing the same issue? Any idea here would be greatky appreciated.

Thanks in advance
Suresh Kumar
tggagnetggagne
Check that an administrator has added IP restrictions to your user's profile as well.  IP restrictions may exist both places.
tggagnetggagne
Oh, and you're supposed to add your /own/ ip address to the network access page--not Salesforce's.  The network access IP lists are for the client's IP addresses--not the servers.

Ask Google, "what's my ip address (https://www.google.com/search?q=what%27s+my+ip+address)" and it'll tell you without having to visit any other pages.