Salesforce Developer Security Authentication Api Login

salesforce-developer-security

// Salesforce Authentication - API Login:

The Salesforce platform has several APIs, based on SOAP and REST, that are 
avaliable to developers.  To use any of the APIs, a user must first authenticate 
to Salesforce. The two main methods used by developers are: 

1. SOAP API username/password login: http://sforce.co/2hjYpDl
2. OAUTH authentication flows: http://sforce.co/2hgUaIh

The REST API also permits a hybrid login solution where you can use the SOAP API 
to authenticate and get a session id.  This session id can then be substituted 
for the “Bearer Token” in the Authorization Header for all subsequent REST API 
calls.

Salesforce implements additional security protections for SOAP API logins. 
User's attempting to login via SOAP API from outside the org's Trusted IP range 
will be prompted for additional identify confirmation. This is done via a 
security token that must be appended to the password. 

This token can be obtained by users changing their password or resetting their 
security token from the Salesforce user interface. When a user changes their 
password or resets their security token, Salesforce sends a new security token 
to the email address on the user’s Salesforce record. The security token is 
valid until a user resets their security token, changes their password, or has 
their password reset.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License