我需要在不使用安全令牌(soap api)的情况下在 dotnet 中登录 Salesforce 。
目前我们正在使用登录代码(soap api):
SforceService mySalesForceSerice= new SforceService();
LoginResult myLoginResult=mySalesForceSerice.login(username,String.Concat(password,***securityToken***));
this.SessionID = myLoginResult.sessionId;
this.ServerUrl = myLoginResult.serverUrl;
但我没有使用安全令牌例外
转到设置-> 安全控制-> 网络并输入服务器的 IP 地址或地址范围。来自白名单 IP 地址的登录尝试不需要安全令牌。
我对大多数服务器都执行此操作,因此从 Eclipse 部署时无需输入令牌。我也这样做,因此我使用 apex REST 服务的 curl 脚本是无令牌的。
If you look at the API reference for Login
Salesforce checks the IP address from which the client application is logging in, and blocks logins from unknown IP addresses. For a blocked login via the API, Salesforce returns a login fault. Then, the user must add their security token to the end of their password in order to log in. A security token is an automatically-generated key from Salesforce. For example, if a user's password is mypassword, and their security token is XXXXXXXXXX, then the user must enter mypasswordXXXXXXXXXX to log in. ..... . When the security token is invalid, the user must repeat the login process to log in. To avoid this, the administrator can make sure the client's IP address is added to the organization's list of trusted IP addresses. For more information, see Security Token.
Following the link indicates:
If Single Sign-On (SSO) is enabled for your organization, users who access the API or a desktop client cannot log in to Salesforce unless their IP address is included on your organization's list of trusted IP addresses or on their profile, if their profile has IP address restrictions set. Furthermore, the delegated authentication authority usually handles login lockout policies for users with the “Uses Single Sign-On” permission. However, if the security token is enabled for your organization, then your organization's login lockout settings determine the number of times a user can attempt to log in with an invalid security token before being locked out of Salesforce.
It seems to me that this is a security setting that needs to be set by your salesforce administrators, and cannot be bypassed.