Salesforce WSDL Api login using SOAPUI – Issues and Solution
(Ubuntu 14.04, Salesforce Api version 43.0, SoapUI-x64-5.4.0)
If you want to test salesforce login api call before actual implementation then you can use SoapUI. It is an open source soap api testing tool. Make sure you are using latest SOAPUI version because latest salesforce api support TLS1.2 or above protocols. If you have lower version than specified you will not be able to test the api using SOAPUI.
Step1: Generate Wsdl file
Go to Quick find box -> type API -> Select the API option.
You will see the below screen.
Click the link, your wsdl will open in the browser. Save the generated wsdl file.
Step2 : Download Soap UI
SOAPUI is the open source tool. Go to the SOAPUI official site link https://www.soapui.org/downloads/latest-release.html
And download and install it on your system.
Step3 : Create Soap Project and import your wsdl
Create a new soap project and import your salesforce wsdl generated in step1.
After above steps you will see all available methods as shown in below screenshot.
Step 4 : Login Api call
The default request is:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:enterprise.soap.sforce.com">
<soapenv:Header>
<urn:LoginScopeHeader>
<urn:organizationId>?</urn:organizationId>
<!--Optional:-->
<urn:portalId>?</urn:portalId>
</urn:LoginScopeHeader>
</soapenv:Header>
<soapenv:Body>
<urn:login>
<urn:username>?</urn:username>
<urn:password>?</urn:password>
</urn:login>
</soapenv:Body>
</soapenv:Envelope>
Below are some Important points :
1) The password is not only your password. It is the combination of password +your security token. If your password is 123 and security token is “as#$SDFd” then your password will become “123as#$SDFd” which you have to use otherwise it will not work.
2) The header is optional. If you pass username and password without any headers you will still get result.
I have some examples of invalid requests that I tried as per documentation but didn’t work.
Example Request 1:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:enterprise.soap.sforce.com">
<soapenv:Header>
<urn:LoginScopeHeader>
<urn:organizationId>type organization id here</urn:organizationId>
</urn:LoginScopeHeader>
</soapenv:Header>
<soapenv:Body>
<urn:login>
<urn:username>email</urn:username>
<urn:password>password</urn:password>
</urn:login>
</soapenv:Body>
</soapenv:Envelope>
Response:
<soapenv:Fault>
<faultcode>sf:INVALID_LOGIN</faultcode>
<faultstring>INVALID_LOGIN: Invalid username, password, security token; or user locked out.</faultstring>
<detail>
<sf:LoginFault xsi:type="sf:LoginFault">
<sf:exceptionCode>INVALID_LOGIN</sf:exceptionCode>
<sf:exceptionMessage>Invalid username, password, security token; or user locked out.</sf:exceptionMessage>
</sf:LoginFault>
</detail>
</soapenv:Fault>
Example Request 2:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:enterprise.soap.sforce.com">
<soapenv:Header>
<urn:LoginScopeHeader>
<urn:organizationId>type organization id here</urn:organizationId>
</urn:LoginScopeHeader>
</soapenv:Header>
<soapenv:Body>
<urn:login>
<urn:username>email</urn:username>
<urn:password>password+securitytoken</urn:password>
</urn:login>
</soapenv:Body>
</soapenv:Envelope>
Response:
<soapenv:Fault>
<faultcode>sf:INVALID_LOGIN</faultcode>
<faultstring>INVALID_LOGIN: Invalid username, password, security token; or user locked out.</faultstring>
<detail>
<sf:LoginFault xsi:type="sf:LoginFault">
<sf:exceptionCode>INVALID_LOGIN</sf:exceptionCode>
<sf:exceptionMessage>Invalid username, password, security token; or user locked out.</sf:exceptionMessage>
</sf:LoginFault>
</detail>
</soapenv:Fault>
Example Request 3:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:enterprise.soap.sforce.com">
<soapenv:Body>
<urn:login>
<urn:username>email</urn:username>
<urn:password>password</urn:password>
</urn:login>
</soapenv:Body>
</soapenv:Envelope>
Response:
<soapenv:Fault>
<faultcode>sf:LOGIN_MUST_USE_SECURITY_TOKEN</faultcode>
<faultstring>LOGIN_MUST_USE_SECURITY_TOKEN: Invalid username, password, security token; or user locked out. Are you at a new location? When accessing Salesforce--either via a desktop client or the API--from outside of your company’s trusted networks, you must add a security token to your password to log in. To get your new security token, log in to Salesforce. From your personal settings, enter Reset My Security Token in the Quick Find box, then select Reset My Security Token.</faultstring>
<detail>
<sf:LoginFault xsi:type="sf:LoginFault">
<sf:exceptionCode>LOGIN_MUST_USE_SECURITY_TOKEN</sf:exceptionCode>
<sf:exceptionMessage>Invalid username, password, security token; or user locked out. Are you at a new location? When accessing Salesforce--either via a desktop client or the API--from outside of your company’s trusted networks, you must add a security token to your password to log in. To get your new security token, log in to Salesforce. From your personal settings, enter Reset My Security Token in the Quick Find box, then select Reset My Security Token.</sf:exceptionMessage>
</sf:LoginFault>
</detail>
</soapenv:Fault>
Finally I found the solution.
The correct request is :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:enterprise.soap.sforce.com">
<soapenv:Body>
<urn:login>
<urn:username>your email</urn:username>
<urn:password>password + security token</urn:password>
</urn:login>
</soapenv:Body>
</soapenv:Envelope>