+ Start a Discussion
Raymond ZhuRaymond Zhu 

Authenticate to SOAP API using portal user credentials

Hi All, I am thinking is it possible to use portal user credentials to authenticate to SF SOAP API? If yes, how?


Basically, I have done a bit of research and coding for that, and it seems the answer to this question is no. As to use SOAP API, I need to provide user name and password+security token for the authentication. But the situation for portal users is that there is no such a way to retrieve their security token.


Woule be very appreciated if anyone can confirm my answer or point me to a right way if I am wrong.





Santhosh KumarSanthosh Kumar

Portal users cannot have API access so you cannot use SOAP api using their credentials.

Daniel HaselhanDaniel Haselhan

If you are talking about Customer Portal users this can definitely be done.


You do not need to use your security token, just the plain password and be sure to specify the Customer Portal Id in the setLoginScopeHeader. You may need to add the ip of the server your application is running from to the trusted list to achieve this.


Example Login Code Below:

			// Portal User Login
			ConnectorConfig config = new ConnectorConfig();
			EnterpriseConnection sforceConnection = Connector.newConnection(config);
			sforceConnection.setLoginScopeHeader(ORGANIZATIONID, PORTALID);
			LoginResult loginResult = sforceConnection.login(USERNAME, PASSWORD);



Chakradhari GadigeChakradhari Gadige
Hi Reymond,

You need to have , Username ,Password & SFDC Org ID for the same.

        $authEndPoint = "https://login.salesforce.com/services/Soap/c/24.0/";   
        $USERNAME = $user_data['email'];
        $PASSWORD = $user_data['password'];
        $LOGINSCOPEHEADER = '00DcXXXXXXXX';  // your Salesforce.com Organization ID (Company information page)

        try {
          $mySforceConnection = new SforcePartnerClient();
          $mySoapClient = $mySforceConnection->createConnection(SOAP_CLIENT_BASEDIR.'/partner.wsdl.xml');
          $header = new LoginScopeHeader($LOGINSCOPEHEADER);
          $mylogin = $mySforceConnection->login($USERNAME, $PASSWORD);
          $user_info = $mySforceConnection->getUserInfo();
          $array = (array)$user_info;

          header('HTTP/1.0 200 OK'); 

          echo "logged"; 

        } catch (Exception $e) {
            header('HTTP/1.0 400 Bad Request'); 
            header('Content-Type: application/json');
          echo $e->faultstring;