+ Start a Discussion
Steve Berley [Left Propeller]Steve Berley [Left Propeller] 

One admin can get API tokens, but others can't.

I have three users. 
  • All use the standard System Administrator profile, Salesforce license as well as the same role and permission sets 
  • They're all using the same connected app client_id and client_secret.
  • The passwords are always submitted as PasswordToken
  • IP Relaxation is set to: Relax IP restrictions
  • Permitted users is set to: All users may self-authorize
  • I can login to the UI with any of the user id/password combinations 
  • I have an older app still that relies on password+token to login and have verified that the tokens are all working as well.
One userid/password combination is always successful the other two always fail.  When I curl with either of the two that fail, I get the dreaded 

{"error":"invalid_grant","error_description":"authentication failure"} errors and the login history for those users shows a status of Invalid Password, even though the password and token test to be good.

The only difference I can think of is the login that works is one that was used to create the org.

Needless to say this is driving me batty...

What do you all suggest?

SandhyaSandhya (Salesforce Developers) 

I would suggest you to reset the security token for other two users to whom its not working.This worked for me.

Best Regards,

Steve Berley [Left Propeller]Steve Berley [Left Propeller]
Thanks for the susggestion but I've already tried that - didn't work.