+ Start a Discussion
hemmhemm 

INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session

I have a live application on AppExchange that has been working for many months.  It uses a Session to login.  A Salesforce Sales Engineer has it installed in a demo org of their's and he gets the error message INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session when it makes the getUserInfo call.  I have been working with him and have access to his org and know that the initial Session connection is being made (I have seen it connect in my code).  However, once the code makes the getUserInfo call, it gives that error message above.

I don't know if there is anything special about demo orgs, but from what I can tell, it looks fine.  In fact, he used this same org to connect to my system several months ago.

This org is on NA1.  I have other DE and EE orgs on NA1 that work with no issues.  It's just this one.

I am using the latest and greatest PHP toolkit.

Thoughts?
Best Answer chosen by Admin (Salesforce Developers) 
SuperfellSuperfell
is the "lock sessions to originating IP" setting turned on in the org ?

All Answers

SuperfellSuperfell
is the "lock sessions to originating IP" setting turned on in the org ?
This was selected as the best answer
hemmhemm
You are a smart man, Simon.  It's almost like you are one of the creators of the API and know everything about it ;)


That was the issue.  I had actually tried unchecking that box before, but I didn't think to log out and establish a new session.  Instead, I went right to the tab and got the same error.  This time, I unchecked that option, logged out, logged back in and tried the tab and it let me through.

Thanks!
gharvettgharvett

Also getting this exception.

I have the "Lock sessions to the IP address from which they originated" checkbox in my developer org, but it is not there in our company org (Professional Edition). Is this a setting that only applies to Enterprise/Unlimited/Developer Editions of Salesforce?

hemmhemm
It probably only applies to Orgs that have the API enabled.  I would assume that if you don't see it, it's the equivalent of it being unchecked.
Pooja05Pooja05
We are facing a similar error

(Invalid Session ID found in SessionHeader: Illegal Session. Session not found, missing session key: 00DT0000000FdiI!AQcAQNl9tOUIjrSadii4mix6kLMKXUVj1k5lqJ3XrxsI8WklCCETlqa.10IHl_lM83508AQo_1.0zJJjuXwqag6EabGMnoS7

We are creating a new session for every record.  It’s odd that it doesn’t happen for every record though. We were able to update 70% of records. Only the last 30% are erroring out because of Session Ids
 

Any ideas of what could be wrong.



Thanks,

Pooja