Connection Error with Username/Password
129 views
Skip to first unread message
Peter Churchill
Jan 12, 2024, 10:35:45 AM1/12/24
to Illuminated Cloud Q&A
I am getting a weird connection error I haven't seen before - it's happened in two new sandboxes.
As I have many times, I am creating a Connection using the standard Username/Password connection. I have added my IP address to Network Access, so it normally just lets me connect.
But instead, I am seeing this behavior.
Click Test and it works, and in the login history I see :
[MY IP Address] Other Apex API Success
But I then immediately get an error in IC when it tries to do the initial metadata read, saying :
LOGIN_MUST_USE_SECURITY_TOKEN: Invalid username, password, security token; or user locked out.
And in the login history, I see a second entry with these details:
13.110.74.8 Other Apex API Failed: API security token required
According to WhoIs, that is SFDC IP address.
If I add that IP address to Network Access, it works, but I don't understand why IC would generate a login from a SFDC IP address? Any ideas what is happening here?
Thanks
But instead, I am seeing this behavior.
Click Test and it works, and in the login history I see :
[MY IP Address] Other Apex API Success
But I then immediately get an error in IC when it tries to do the initial metadata read, saying :
LOGIN_MUST_USE_SECURITY_TOKEN: Invalid username, password, security token; or user locked out.
And in the login history, I see a second entry with these details:
13.110.74.8 Other Apex API Failed: API security token required
According to WhoIs, that is SFDC IP address.
If I add that IP address to Network Access, it works, but I don't understand why IC would generate a login from a SFDC IP address? Any ideas what is happening here?
Thanks
Scott
Jan 12, 2024, 10:42:35 AM1/12/24
to Illuminated Cloud Q&A, peternc...@gmail.com
That is strange, Peter. Not sure why that would happen as IC2 is just using the standard login SOAP API passing the concatenated password + security token as the password. Since you shouldn't need a security token, it would only use the former for that parameter. And I'm not sure why the client IP address wouldn't just be the public-facing IP address of your machine.
Given that I can't explain what's going on, the main alternative would be to create an OAuth connection to this org and use that with the project. Since that uses Web login flow, all credentials would be submitted from within Salesforce's own networks. Otherwise you'll likely need to file a support case with Salesforce to see if they can shed any light on why an API-based login isn't working.
Regards,
Scott Wells
Peter Churchill
Jan 12, 2024, 11:02:21 AM1/12/24
to Illuminated Cloud Q&A, Scott
Thanks Scott. oAuth does seem to work, but also seems slower when I am just doing simple updates via IC, so tend to avoid for quick projects.
The other odd thing is that it only seems to happen with new connections - ones setup in recent weeks seem ok, as if this is a new issue with sandboxes (it worked fine with a new dev org)
I'll ask around in case something changed that isn't in release notes etc
The other odd thing is that it only seems to happen with new connections - ones setup in recent weeks seem ok, as if this is a new issue with sandboxes (it worked fine with a new dev org)
I'll ask around in case something changed that isn't in release notes etc
Scott
Jan 12, 2024, 11:06:07 AM1/12/24
to Illuminated Cloud Q&A, peternc...@gmail.com, Scott
OAuth connections should be significantly more efficient to use as of 2.2.9.2:
Previously using them would result in much more frequent calls to the CLI, but in recent builds (and of course going forward), IC2 should only be engaging the CLI to get connection information exactly as needed. If you're still seeing them being significantly slower than native connections, I'd love to know about that so that I can figure out what inefficiencies still remain.
Regarding this being a recent change in behavior, perhaps it has to do with the Spring '24 preview window? Not sure...
Regards,
Scott Wells
Reply all
Reply to author
Forward
0 new messages