You need to sign in to do that
Don't have an account?
INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session
Hi,
We have an integration that has been using version 10 of the API and it works fine. I'm interesting in migrating to a later version of the API but am getting the error message
INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session
when I try this. The integration uses a partner WSDL. Basically, a login is issued and it returns successful, we grab the serverURL and sessionID and use them to make subsequent calls. New sessions appear to be created but still getting the error message when trying to make any call after login; e.g. describeSObject.
I've changed the "Lock sessions to the IP address from which they originated", then logout but still getting the error message.That seemed to be on setting that was common to others who had this issue.
Again, v10 of the API, we have no issues like this. The only thing different is the endpoint - the basic SOAP to login is the sam and I get a valid response upon login.
Does anyone have any thoughts?
Thanks in advance,
Tony
Your SessionHeader and sessionId elements in the soap header are not in any namespace, they need to be in the xml namesapce defined by the WSDL. The newer API endpoints are stricter about this.
All Answers
Can you post an example of the request that gets this error, are you perhaps sending a partner API request to the enterprise API endpoint ?
Thanks, Simon. I'm using the endpoint specified in serverURL after a successful login. Here is part of the response from a successful login using API v19:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="urn:partner.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<loginResponse>
<result>
<metadataServerUrl>https://na2-api.salesforce.com/services/Soap/m/19.0/00D400000008fyh</metadataServerUrl>
<passwordExpired>false</passwordExpired>
<sandbox>false</sandbox>
<serverUrl>https://na2-api.salesforce.com/services/Soap/u/19.0/00D400000008fyh</serverUrl>
<sessionId>00D400000008fyh!AQ0AQNagxHJAqUkVbpGFF0ueoIdEKjwiMTntm4zYEy5QrIhpKpZsE.vCkMCEeIZTRxPNxohvX45eVB5qbtzodGBeZHh9y3kT</sessionId>
<userId>00540000000zBGjAAM</userId>
<userInfo>
[snip...]
</userInfo>
</result>
</loginResponse>
</soapenv:Body>
</soapenv:Envelope>
So re-using the highlighted serverURL as our endpoint and the session ID, this is a describeSObject request.
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/1999/XMLSchema" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<SOAP-ENV:Header>
<SessionHeader>
<sessionId xsi:type="xsd:string">00D400000008fyh!AQ0AQNagxHJAqUkVbpGFF0ueoIdEKjwiMTntm4zYEy5QrIhpKpZsE.vCkMCEeIZTRxPNxohvX45eVB5qbtzodGBeZHh9y3kT</sessionId>
</SessionHeader>
<CallOptions>
<client xsi:type="xsd:string">OpenAir/1.0</client>
</CallOptions>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<sforce:describeSObject xmlns:sforce="urn:partner.soap.sforce.com">
<sforce:sObjectType xsi:type="xsd:string">Opportunity</sforce:sObjectType>
</sforce:describeSObject>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
but this yields a response like this:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sf="urn:fault.partner.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<soapenv:Fault>
<faultcode>sf:INVALID_SESSION_ID</faultcode>
<faultstring>INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session</faultstring>
<detail>
<sf:UnexpectedErrorFault xsi:type="sf:UnexpectedErrorFault">
<sf:exceptionCode>INVALID_SESSION_ID</sf:exceptionCode>
<sf:exceptionMessage>Invalid Session ID found in SessionHeader: Illegal Session</sf:exceptionMessage>
</sf:UnexpectedErrorFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
which is odd since the session is a new session.
Fwiw, the v10 partner endpoint we're using looks like this:
https://na2-api.salesforce.com/services/Soap/u/10.0/00D400000008fyh
if that helps at all.
Thanks for any help or insight,
Tony
Your SessionHeader and sessionId elements in the soap header are not in any namespace, they need to be in the xml namesapce defined by the WSDL. The newer API endpoints are stricter about this.
Ah, that was it! Thanks Simon.
Tony