+ Start a Discussion

PHP API Login works with Developer Account/Fails with Production Account

I am trying to implement a PHP API setup for a client. My code works perfectly with my Developer Account Login and Password/Token. However, when I replace my username and password/token with my client's username/pass/token, I get the following response:

Array ( [faultcode] => ns1:INVALID_LOGIN [faultstring] => INVALID_LOGIN: Invalid username, password, security token; or user locked out. [detail] => Array ( [fault] => Array ( [exceptionCode] => INVALID_LOGIN [exceptionMessage] => Invalid username, password, security token; or user locked out. ) ) )

I had the client reset their password and security token just to make sure, and login still fails. The client has confirmed for me that her profile includes API Access. I am out of ideas on how to fix this. One account works perfectly, and the other fails every time. What am I missing here?

By the way, this is a non-profit account that I am working on.
Just wanted to post the solution to this. It had to do with nonstandard characters in the API request. There was a ! in the password, and it was causing the failure.
We have developed a php application, we are having a LOT of issues with this new feature, my client have called SF support they supposed to add the server IP to a white list  of trusted addresses and supposedly we wouldnt need the token anymore but my application still fails to log on showing:

PHP Fatal error: Uncaught SoapFault exception: [sf:LOGIN_MUST_USE_SECURITY_TOKEN] LOGIN_MUST_USE_SECURITY_TOKEN: Invalid username, password, security token; or user locked out. Are you at a new location? When accessing Salesforce--either via a desktop client or the API--from outside of your company’s trusted networks, you must add a security token to your password to log in. To receive a new security token, log in to Salesforce at http://www.salesforce.com and click Setup | My Personal Information | Reset Security Token. etc etc etc

Of course we have also tried to using the token with the password but still... does not work... so if anyone has aworkaround for this or have had a similar problem i appreaciate if you shed some light over here....

any ideas?

thnx in advance!
I'm guessing that your server's IP has not been properly whitelisted. I was running into the same security token problems last night, but they ceased entirely the moment I witelisted my server.

Depending on your permissions, you may be able to check for yourself.
Setup -> Administration Setup -> Security Controls -> Network Access

If the public IP(s) of the machine in question are not on the list, the security token is required.

Your machine may have more than one IP. On a *nix setup, type the following at the command prompt:

You're looking for any xxx.xxx.xxx.xxx that follows 'inet addr:' and is NOT
I had this same problem, and it was driving me nuts. I finally figured out that non-standard characters in the password were preventing access to the API.
The password for the client I was developing for was akin to "mypass!word"
The ! in the password was causing a problem when it was being sent though the API. I never did figure out how to solve this problem properly. I just had the client change the password to something that uses all standard numbers and letters, and the problem was solved.
I would test out the functionality with your developer account using a password with all standard numbers and letters. This will help you determine whether this is the problem or not.