function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Abhijit ShrikhandeAbhijit Shrikhande 

Failed to login with a community user using simple-salesforce and api.

I created a community user in my Developer Org. Now I am trying to login using python. I am getting an error. If I try the same code with a Partner Portal User, then I am able to login. I have the api enabled on the Customer Community permission set.

Here is my code:
  
from simple_salesforce import Salesforce
sf = Salesforce(username='rose.gonzalez@edge.com.space', password='*****', security_token='', sandbox=False)

What other permissions do I need?

Thanks,
Abhijit
desmoquattrodesmoquattro
Which API is this? REST? SOAP? Another?
desmoquattrodesmoquattro
Also, have you made the permission set or the profile a member of any community?
desmoquattrodesmoquattro
BTW - With community cloud, there are a few differences under the hood in the authentication scheme. In general:
  • The URL endpoint you're logging in to is different. Instead of login.salesforce.com you'll need to log in at https://yourdomain/yourcommunitypath/
  • The user you're logging in to must be a member of that community.
  • Users with customer-tier licenses do not have roles, but those with partner tier (or customer+ tier) licenses do. I don't believe this affects authentication via the API, but it's good to be aware of.
There's this article that gives an oauth overview for community users:
https://developer.salesforce.com/docs/atlas.en-us.chatterapi.meta/chatterapi/quickstart_communities.htm

So looking at your code, I'm not sure how the Salesforce class in Python is supposed to work, but according to the documentation it apparently allows you to enter a URL:
https://pypi.python.org/pypi/simple-salesforce

Maybe try futzing with the way you make the call and see if any of the variations work with your community URL?

 
Abhijit ShrikhandeAbhijit Shrikhande
Can the Community User can login using a username, password authentication like the Partner user?

 
desmoquattrodesmoquattro
It's definitely possible, but as I mentioned above there's some important nuance. It's critical to compare apples to apples here, especially since you're using another platform's libraries (simple-salesforce), which may not have been updated to account for how authentication is handled with a community.

When you say you used a partner portal user, were you using this Python library with a portal user to log in to a portal? Or to a community? The distinction is very important. Users with legacy portal licenses can be made a member of a community. And while portals ran at the same domain and path as your regular salesforce org (e.g. https://naxx.salesforce.com/), communities run under a different domain and path (either https://my-registered-force-dot-com-domain.force.com/communitypath/ or under a custom domain like community.mycompany.com). So the endpoint location you log in to is important. So if that Python library is always trying to use naxx.salesforce.com or login.salesforce.com as the endpoint to log in, it will not work for logging in to a community.

Check out the library documentation (https://pypi.python.org/pypi/simple-salesforce) I mentioned in my last comment. The object seems to accept an instance parameter in some circumstances: 
sf = Salesforce(instance_url='https://na1.salesforce.com', session_id='')
If that library somehow allows you to pass an instance_url along with a username & password, it may work for a community. But if not, that library may need to be refactored to support community cloud and you might want to handle the authentication using something else.


 
Abhijit ShrikhandeAbhijit Shrikhande
When I say PartnerUser, I mean a user with PartnerUser logging to the community. In the fictitous examples below, I am able to use sean forbes to login to the community portal with the code I have, but unable to use jack forbes to login with the same code.

User-added image