function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

REST API Quickstart - Requesting a security token

We are using cURL (per quickstart instructions) to initiate REST API connectivity. 

When issuing the command to get a security token - - we get back the error:

Failed: API security token required","error":"invalid_grant"

Which seems odd, since we're asking for the token. The client_id, client_secret, grant_type, username, and password all look fine. 

Assuming all that information is correct, what other reasons would the app not grant a security token?
For programatic logins you may need to include the users API security token (this is a token belonging to the user, they can reset it via setup). Whether this is required or not depends on the security & network settings in your org. This is a separate token to the OAuth token, which is a per user/per application token. 
Thanks for your response. I'm familiar with getting my API security token manually through the SF UI. The API Quickstart seems to be specifying a an API call to actually get the token, so it can be used in subsequent calls. But then it says we need a token...
The error message is asking you to provide the users API security token, this is different to the OAuth you are making the request for.
Yes - I finally realized that! So API Security token initially, and then an OAuth refresh token for subsequent token requests. Thanks