Salesforce OAuth authentication doesnt work with username and password

1
votes
  • I created a new connected app in salesforce
  • I am trying to authenticate using username and password - OAuth method to fetch a token using Postman
  • I am hitting the following endpoint https://login.salesforce.com/services/oauth2/token with my client_id, client_secret, username and password

  • I am getting the following error: { "error": "invalid_grant", "error_description": "authentication failure" }

  • The username and password are verified to be correct independently

What am I missing here?

1
oauth-2.0salesforcepostman
It takes 10-15 minutes after creating a connected app before its usable for login. - superfell
@superfell I have waited for much more than that. Also, if there's an issue with that, the error would be 'invalid client_id' since it would not recognise the client_id. - Abhinav Vadrevu
then post some code. - superfell
If you are on mac and you validate in Paw that it is working see paw.cloud and docs for Oath paw.cloud/docs/auth/oauth2 - Matthaus Woolard

1 Answers

3
votes

If you are using Username and Password OAuth authentication, please make sure you have concatenated the unique security key (for the username that you are using) with the password. For instance (example in Python), your request should be: 

import requests
import json

params = {
    "grant_type": "password",
    "client_id": "client_id", # Consumer Key
    "client_secret": "client_secret", # Consumer Secret
    "username": "username", # The email you use to login
    "password": "password + unique_security_key"}

headers = {'content_type':'application/x-www-form-urlencoded'}

r = requests.post("https://login.salesforce.com/services/oauth2/token", params=params, headers=headers)
access_token = r.json().get("access_token")
instance_url = r.json().get("instance_url")
print("Access Token:", access_token)
print("Instance URL", instance_url)

To get the security key:

  • Login to your Salesforce Account
  • Click on your username on the top right-hand side.
  • On the left-hand side pane, click on Personal > Reset My Security Token

A Unique security token will be sent to your email. Please concatenate the key with your password.

If you still experiencing the error, please check the following steps:

Navigate Apps > Manage Connected Apps > Your Connected App > Edit > OAuth Policies > Enable Permitted users to All users may self-authorize

AND

Manage Apps > Connected Apps > Your Connected App > Enable IP Relaxation to Relax IP restrictions.

Hope this helps.