+ Start a Discussion


We are a certified partner and in working with one of our prospects we are getting the error message INVALID_OPERATION_WITH_EXPIRED_PASSWORD when trying to access their account.  It doesn't appear that the actual login() call fails - just subsequent calls to the API.  They are using a professional edition trial account.  Our organization has access to the API for professional edition and we are not seeing issues with other accounts.  Is there something in the SF trial version of the account that would cause this error to be returned?  Is there something else I should look at?
The users password has expired (as indicated by the passwordExpired field in LoginResult), the only valid API call you can make with the session it returned is setPassword. Its got nothing to do with editions or trials.
You should be able to inspect the passwordExpired field in the login response.  An expired password can be used to login, but you are restricted as to what api calls can be made.



Indicates whether the password used during the login attempt is expired (True) or not (False). If the password has expired, then the AppExchange Web service returns a valid sessionId, but the only allowable operation is the setPassword call.



I'm getting this error too but my application uses session login ... calling setPassword doesn't make any sense for my application since I don't know the user's password nor do I want to reset it for them.  The user has to be logged into Salesforce already to use my application (which appears as a tab) so getting a password expired error is absurd.


I'm only getting this error on one account... other accounts are working fine right now.


Any ideas???


Also I just reset the password on the account that is getting this error to be sure and it's still giving the same error message. The password was reset less than two days ago, it's definitely not expired right now.

Steve (London)Steve (London)

Did you ever get to the bottom of this?


We're currently getting the same issue: INVALID_OPERATION_WITH_EXPIRED_PASSWORD for no good reason: I.e. th users password should definately not have expired.