Logs in to the login server and starts a client session.
LoginResult = connection.login(string username, string password);
Use the login() call to log in to the login server and start a client session. A client application must log in and obtain a sessionId and server URL before making any other API calls.
When a client application invokes the login() call, it passes in a username and password as user credentials. Upon invocation, the API authenticates the credentials and returns the sessionId for the session, the user ID associated with the logged-in username, and a URL that points to the Force.comAPI to use in all subsequent API calls.
Salesforce checks the IP address from which the client application is logging in, and blocks logins from unknown IP addresses. For a blocked login via the API, Salesforce returns a login fault. Then, the user must add their security token to the end of their password in order to log in. A security token is an automatically-generated key from Salesforce. For example, if a user's password is mypassword, and their security token is XXXXXXXXXX, then the user must enter mypasswordXXXXXXXXXX to log in. Users can obtain their security token by changing their password or resetting their security token via the Salesforce user interface. When a user changes their password or resets their security token, Salesforce sends a new security token to the email address on the user's Salesforce record. The security token is valid until a user resets their security token, changes their password, or has their password reset. When the security token is invalid, the user must repeat the login process to log in. To avoid this, the administrator can make sure the client's IP address is added to the organization's list of trusted IP addresses. For more information, see Security Token.
After logging in, a client application needs to perform these tasks:
Development tools differ in the way you specify session headers and server URLs. For more information, see the documentation for your particular development tool.
In version 11.1 of the API and earlier, client applications built with the partner WSDL can send requests to the enterprise endpoint and enterprise WSDL applications can send requests to the partner endpoint. Beginning with version 12.0, this is not supported.
If you log into Salesforce, via a proxy, set the proxy host and port on the instance of the ConnectorConfig class that you use to log in. Optionally, you may need to set the username and password, if you must authenticate on the proxy.
ConnectionConfig config = new ConnnectionConfig(); config.setUsername(userId); config.setPassword(passwd); config.setAuthEndpoint(authEndPoint); config.setProxy(proxyHost, proxyPort); // Set the username and password if your proxy must be authenticated config.setProxyUsername(proxyUsername); config.setProxyPassword(proxyPassword); try { EnterpriseConnection connection = new EnterpriseConnection(config); // etc. } catch (ConnectionException ce) { ce.printStackTrace(); }
Client applications do not need to explicitly log out to end a session. Sessions expire automatically after a predetermined length of inactivity, which can be configured in Salesforce by clicking . The default is 120 minutes (two hours). If you make an API call, the inactivity timer is reset to zero.
To authenticate active Self-Service users, use the LoginScopeHeader to specify the Organization ID against which Self-Service users are authenticated. A Self-Service user must exist and be active before being authenticated (see SelfServiceUser).
Salesforce recommends that you always call logout() to end a session when it is no longer needed. This ends any child sessions as well as the session being logged out. Logging out instead of waiting for the configured session expiration provides the most protection.
public boolean login() { boolean success = false; String userId = getUserInput("UserID: "); String passwd = getUserInput("Password: "); ConnectorConfig config = new ConnectorConfig(); config.setUsername(userId); config.setPassword(passwd); config.setAuthEndpoint(authEndPoint); config.setCompression(true); try { connection = new EnterpriseConnection(config); GetUserInfoResult userInfo = connection.getUserInfo(); System.out.println("\nLogging in ...\n"); System.out.println("UserID: " + userInfo.getUserId()); System.out.println("User Full Name: " + userInfo.getUserFullName()); System.out.println("User Email: " + userInfo.getUserEmail()); System.out.println(); System.out.println("SessionID: " + config.getSessionId()); System.out.println("Auth End Point: " + config.getAuthEndpoint()); System.out.println("Service End Point: " + config.getServiceEndpoint()); System.out.println(); success = true; } catch (ConnectionException ce) { ce.printStackTrace(); } return success; }
private void login() { // Create service object binding = new SforceService(); // Invoke the login call and save results in LoginResult LoginResult lr = binding.login("username","password"); if (!lr.passwordExpired) { // Reset the SOAP endpoint to the returned server URL binding.Url = lr.serverUrl; // Create a new session header object // Add the session ID returned from the login binding.SessionHeaderValue = new SessionHeader(); binding.SessionHeaderValue.sessionId = lr.sessionId; GetUserInfoResult userInfo = lr.userInfo; } else { Console.WriteLine("Your password is expired."); } }
| Name | Type | Description |
|---|---|---|
| username | string | Login username. |
| password | string | Login password associated with the specified username. |