Sign Up ›
  • Andy Edmonds
  • NEWBIE
  • 5 Points
  • Member since 2019
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 2
    Questions
  • 2
    Replies
6 replies

API login after MFA enforcement

Hi all,

With the enforcement of MFA coming next year, I've started to test an API I wrote for a client that allows their website to talk to Salesforce. It's working fine right now, but if I enable High Assurance on the profile, I can no longer use the API.

The website first retrieves an access token and then uses that in the header for all subsequent calls. 

With High Assurance selected on the profile, I am able to authenticate and get an access token back, but when I use that access token in the next call to retrieve some data (using a custom RestResource class), I get the following response:
  
[
    {
        "message": "This session is not valid for use with the REST API",
        "errorCode": "INVALID_SESSION_ID"
    }
]

This is the connected app settings:
User-added imageAny help or advice would be greatly appreciated!

Thanks

Andy​​​​​​​
0 replies

Files uploaded in classic vs lightning

I've noticed a difference in behaviour when it comes to files uploaded in classic versus files uploaded in lightning.

I came across is while creating a site page for a customer but have reproduced the issue repeatedly in a new org to test.

I have a site page that queries, and displays, 2 files uploaded to a record. 1 file was uploaded in classic, the other uploaded in lightning. No permission / sharing changes have been made to either file.

Internally, logged in as a system admin, the VF page queries and displays both images.

However, when viewing the same page via a site, the file uploaded in classic does not get returned in the query and therefore does not get displayed. The file uploaded in lightning is displayed fine.

After a couple of weeks back and forth with Salesforce support, I eventually created a video demonstrating the issue: https://vimeo.com/379713648 (password: salesforce-files-2019). It's a few minutes long so if you do watch, please bear with it!

Support is adamant that this is not a bug and that it needs to be handled by developer support. I can only say "I disagree" so many times before getting bored so here I am!

Surely either both files should be displayed or neither file should be displayed. The only difference is that one was uploaded in classic and one was uploaded in lightning.

Any thoughts?

Thanks!

Andy
6 replies

API login after MFA enforcement

Hi all,

With the enforcement of MFA coming next year, I've started to test an API I wrote for a client that allows their website to talk to Salesforce. It's working fine right now, but if I enable High Assurance on the profile, I can no longer use the API.

The website first retrieves an access token and then uses that in the header for all subsequent calls. 

With High Assurance selected on the profile, I am able to authenticate and get an access token back, but when I use that access token in the next call to retrieve some data (using a custom RestResource class), I get the following response:
  
[
    {
        "message": "This session is not valid for use with the REST API",
        "errorCode": "INVALID_SESSION_ID"
    }
]

This is the connected app settings:
User-added imageAny help or advice would be greatly appreciated!

Thanks

Andy​​​​​​​