Salesforce will begin turning on MFA for User Interface Logins on February 1, 2022.
S4S connects to Salesforce via a Salesforce API user (rather than a User Interface Login). The profile of this API user (or permission set if the profile is overridden) includes the "Multi-Factor Authentication for API Logins" checkbox. This should not be checked.
Also, in General User Permissions, the "Session Security Level Required at Login" under Session Settings must be set to "--None--".
The impact of incorrect settings will be a connection error similar to this:
Exception: System.Web.Services.Protocols.SoapException
Message: INVALID_SESSION_ID: This session is not valid for use with the API
Source: System.Web.Services
FuseIT recommends the following:
- The profile of the S4S API user is a dedicated profile with the settings described above
- You should avoid using a System Administrator profile or a copy of this profile
- We suggest the API user profile should have the "Api Only User" setting checked (see image below)
- MFA settings are temporarily excluded from Sandboxes
If you experience connection issues after 1 February please contact us.
Comments
0 comments
Please sign in to leave a comment.
Related articles