Do I need security token to connect to Salesforce API?

Question

I'm trying to connect to the Salesforce SOAP API using JSForce

const connection = new jsforce.Connection({
  loginUrl: "https://customdomain.my.salesforce.com",
});
await connection.login(username, password);

When I run this I get the following error

Error: INVALID_LOGIN: Invalid username, password, security token; or user locked out.
    at /Users/juancaicedo/code/calm/salesforce-poc/node_modules/jsforce/lib/connection.js:1552:13
    at tryCallOne (/Users/juancaicedo/code/calm/salesforce-poc/node_modules/promise/lib/core.js:37:12)
    at /Users/juancaicedo/code/calm/salesforce-poc/node_modules/promise/lib/core.js:123:15
    at flush (/Users/juancaicedo/code/calm/salesforce-poc/node_modules/asap/raw.js:50:29)
    at processTicksAndRejections (internal/process/task_queues.js:75:11)
(Use `node --trace-warnings ...` to show where the warning was created)

Is this an okay way to authenticate, or should I do something else? I've seen mention of a security token elsewhere, is that preferred?

Notes

I'm able to log on to the Salesforce UI successfully using these credentials ✅

I would be open to using another Node.js library, but do need to use the SOAP API (using the REST API would not be sufficient).

Boba Fett Boba Fett · Accepted Answer · 2021-03-03T02:00:31

Some Salesforce orgs require the security token to be passed as well. You might find your token and try passing that in your API call.

https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_concepts_security.htm

Do I need security token to connect to Salesforce API?

Notes

2 Answers