SOAP API Developer Guide

Getting Started
Reference
Data Model
Standard Objects
Core Calls
convertLead()
create()
delete()
emptyRecycleBin()
executeListView()
getDeleted()
getUpdated()
invalidateSessions()
login()
LoginResult
logout()
merge()
performQuickActions()
process()
query()
queryAll()
queryMore()
retrieve()
search()
undelete()
update()
upsert()
Describe Calls
Utility Calls
SOAP Headers
Using the API with Salesforce Features
Glossary
PDF

Newer Version Available

This content describes an older version of this product. View Latest

login()

Logs in to the login server and starts a client session.

login() calls count toward your API usage limits.

Note

Syntax

1LoginResult = connection.login(string username, string password);

Usage

Use the login() call to log in to the login server and start a client session. A client application must log in and obtain a sessionId and server URL before making other API calls.

When a client application invokes the login() call, it passes in a username and password as user credentials. Upon invocation, the API authenticates the credentials . It then returns the sessionId, the user ID associated with the logged-in username, and a URL that points to the Force.com API to use in all subsequent API calls.

Salesforce checks the IP address from which the client application is logging in, and blocks logins from unknown IP addresses. For a blocked login via the API, Salesforce returns a login fault. Then, the user must add their security token to the end of their password in order to log in. A security token is an automatically-generated key from Salesforce. For example, if a user's password is mypassword, and their security token is XXXXXXXXXX, then the user must enter mypasswordXXXXXXXXXX to log in. Users can obtain their security token by changing their password or resetting their security token via the Salesforce user interface. When a user changes their password or resets their security token, Salesforce sends a new security token to the email address on the user's Salesforce record. The security token is valid until a user resets their security token, changes their password, or has their password reset. When the security token is invalid, the user must repeat the login process to log in. To avoid this, the administrator can make sure the client's IP address is added to the organization's list of trusted IP addresses. For more information, see Security Token.

After logging in, make sure that your client application performs these tasks:

  • Sets the session ID in the SOAP header so that the API can validate subsequent requests for this session.
  • Specifies the server URL as the target for subsequent service requests. The login server supports only login calls.

Development tools differ in the way you specify session headers and server URLs. For more information, see the documentation for your particular development tool.

Multiple client applications can log in using the same username argument. However, this approach increases your risk of getting errors due to query limits. A user can have up to 10 query cursors open at a time. If 10 QueryLocator cursors are open when a client application, logged in as the same user, attempts to open a new one, then the oldest of the 10 cursors is released. If the client application attempts to open the released query cursor, an error results.

Note

The limit is 3600 calls to login() per user per hour. Exceeding this limit results in a “Login Rate Exceeded” error.

Enterprise and Partner Endpoints

In API version 11.1 and earlier, client applications built with the partner WSDL can send requests to the enterprise endpoint and enterprise WSDL applications can send requests to the partner endpoint. Beginning with version 12.0, this functionality is not supported.

Logging In When Using a Proxy

If you log in to Salesforce via a proxy, set the proxy host and port on the instance of the ConnectorConfig class that you use to log in. Optionally, set the username and password if you must authenticate on the proxy.

1ConnectorConfig config = new ConnectorConfig();
2config.setUsername(userId);
3config.setPassword(passwd);
4config.setAuthEndpoint(authEndPoint);
5config.setProxy(proxyHost, proxyPort);
6// Set the username and password if your proxy must be authenticated
7config.setProxyUsername(proxyUsername);
8config.setProxyPassword(proxyPassword);
9try {
10   EnterpriseConnection connection = new EnterpriseConnection(config);
11   // etc.
12} catch (ConnectionException ce) {
13  ce.printStackTrace();
14}

Session Expiration

Client applications do not need to explicitly log out to end a session. Sessions expire automatically after a predetermined length of inactivity, which can be configured in Salesforce from Setup by clicking Security Controls. The default is 120 minutes (two hours). If you make an API call, the inactivity timer is reset to zero.

Authenticating Active Self-Service Users

Starting with Spring ’12, the Self-Service portal isn’t available for new orgs. Existing orgs continue to have access to the Self-Service portal.

Note

To authenticate active Self-Service users, use the LoginScopeHeader to specify the Organization ID against which Self-Service users are authenticated. A Self-Service user must exist and be active before being authenticated (see SelfServiceUser).

Authenticating Customer Service Portal and Customer Community Users in Salesforce Communities

To authenticate an active Customer Community or Customer Portal user, use the LoginScopeHeader to specify the Organization ID of the org with communities. Customer Community and Customer Portal users must exist, be active, and belong to communities in the organization before being authenticated.

Logging Out

Salesforce recommends that you always call logout() to end a session when it is no longer needed. This call ends any child sessions in addition to the session being logged out. Logging out instead of waiting for the configured session expiration provides the most protection.

Sample Code—Java

This sample logs a user in with the specified username, password, and authentication endpoint URL. The sample writes user and session information to the console after a successful login. Before running this sample, replace the values for username, password, and authentication endpoint with valid values.

To learn how to generate and import the web service WSDL needed to make API calls, see Step 2: Generate or Obtain the Web Service WSDL in the Quick Start.

1public boolean loginSample() {
2   boolean success = false;
3   String username = "username";
4   String password = "password";
5   String authEndPoint = "https://login.salesforce.com/services/Soap/c/24.0/";
6
7   try {
8      ConnectorConfig config = new ConnectorConfig();
9      config.setUsername(username);
10      config.setPassword(password);        
11
12      System.out.println("AuthEndPoint: " + authEndPoint);
13      config.setAuthEndpoint(authEndPoint);
14
15      connection = new EnterpriseConnection(config);
16
17      // Print user and session info
18      GetUserInfoResult userInfo = connection.getUserInfo();
19      System.out.println("UserID: " + userInfo.getUserId());
20      System.out.println("User Full Name: " + userInfo.getUserFullName());
21      System.out.println("User Email: " + userInfo.getUserEmail());
22      System.out.println();
23      System.out.println("SessionID: " + config.getSessionId());
24      System.out.println("Auth End Point: " + config.getAuthEndpoint());
25      System.out
26            .println("Service End Point: " + config.getServiceEndpoint());
27      System.out.println();
28
29      success = true;
30   } catch (ConnectionException ce) {
31      ce.printStackTrace();
32   }
33
34   return success;
35}

Sample Code—C#

This sample logs a user in using the specified username and password. The result of the login call contains the service endpoint URL, which is the virtual server instance that’s servicing your organization, and a unique session ID. The sample sets these returned values on the binding. It sets the binding URL to the returned service endpoint. It also sets the session ID on the session header that is used on all API calls. Next, the sample writes user and session information to the console after a successful login. Before running this sample, replace the values for user name and password with valid values.

To learn how to generate and import the web service WSDL needed to make API calls, see Step 2: Generate or Obtain the Web Service WSDL in the Quick Start.

1public bool loginSample()
2{
3   Boolean success = false;
4   string username = "username";
5   string password = "password";
6
7   // Create a service object 
8   binding = new SforceService();
9 
10   LoginResult lr;
11   try
12   {
13      Console.WriteLine("\nLogging in...\n");
14      lr = binding.login(username, password);
15
16      /** 
17         * The login results contain the endpoint of the virtual server instance 
18         * that is servicing your organization. Set the URL of the binding 
19         * to this endpoint.
20         */
21      // Save old authentication end point URL
22      String authEndPoint = binding.Url;
23      // Set returned service endpoint URL
24      binding.Url = lr.serverUrl;
25
26      /** Get the session ID from the login result and set it for the 
27         * session header that will be used for all subsequent calls.
28         */
29      binding.SessionHeaderValue = new SessionHeader();
30      binding.SessionHeaderValue.sessionId = lr.sessionId;
31
32      // Print user and session info
33      GetUserInfoResult userInfo = lr.userInfo;
34      Console.WriteLine("UserID: " + userInfo.userId);
35      Console.WriteLine("User Full Name: " +
36            userInfo.userFullName);
37      Console.WriteLine("User Email: " +
38            userInfo.userEmail);
39      Console.WriteLine();
40      Console.WriteLine("SessionID: " +
41            lr.sessionId);
42      Console.WriteLine("Auth End Point: " +
43            authEndPoint);
44      Console.WriteLine("Service End Point: " +
45            lr.serverUrl);
46      Console.WriteLine();
47
48      // Return true to indicate that we are logged in, pointed  
49      // at the right URL and have our security token in place.     
50      success = true;
51   }
52   catch (SoapException e)
53   {
54      Console.WriteLine("An unexpected error has occurred: " +
55                                 e.Message + "\n" + e.StackTrace);
56   }
57   return success;
58}

Arguments

Name Type Description
username string Login username.
password string Login password associated with the specified username.

The login request size is limited to 10 KB.

Response

LoginResult

Faults

LoginFault

UnexpectedErrorFault