function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
badibadi 

SESSION_INVALID_ID: Session is not valid to use with API - two factor authentication and Force.com IDE

We have implemented Salesforce IP based condition Two-factor Authentication with login flow. The flow bypasses two factor authentication if the user is logging in from our Corporate IP range and challenges user only if they are logging in from outside of the corporate IP range
 
While testing we noticed that when Profile is included in a login flow and Session Level Settings is set to “High Assurance” we cannot access Data Loader and Force.com IDE.
Force.com IDE gives the error “SESSION_INVALID_ID: Session is not valid to use with API -  two factor authentication and Force.com IDE”.
Workaround is to set the session level setting to “None”. But this will not challenge the user with Two-Factor Authentication with Salesforce Authenticator app every time.

Any suggestion is greatly appreciated. Thank you