You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So this was an interesting issue we ran into the other day. Our company has a requirement that passwords be cycled every 90 days. One of our integrations uses a username/password combination to login. Someone noted the date the password expired on incorrectly and as a result our password expired before we reset it.
This resulted in a scenario that allows us to log in to Salesforce (Salesforce support later told us that this was an intended feature and not a bug), but any time we attempt to operate on any resource, the SDK attempts to reauthenticate due to an invalid auth token. This cycle continues until our integration times out or we hit the login limit and Salesforce then restricts our access due to repeated logins.
While I have feelings about Salesforce treating a login using expired username/password via their API as valid, I think that the SDK should be able to handle this scenario and not retry indefinitely.
The text was updated successfully, but these errors were encountered:
This looks like it's probably related to #1291. We ran into this last year and determined the loop was a bug in JSForce when it's handling failed login attempts, but at the time there was no real movement on bugfixes. We ended up bypassing the problem entirely by switching to the Salesforce OAuth2 client credential flow with a Connected App
So this was an interesting issue we ran into the other day. Our company has a requirement that passwords be cycled every 90 days. One of our integrations uses a username/password combination to login. Someone noted the date the password expired on incorrectly and as a result our password expired before we reset it.
This resulted in a scenario that allows us to log in to Salesforce (Salesforce support later told us that this was an intended feature and not a bug), but any time we attempt to operate on any resource, the SDK attempts to reauthenticate due to an invalid auth token. This cycle continues until our integration times out or we hit the login limit and Salesforce then restricts our access due to repeated logins.
While I have feelings about Salesforce treating a login using expired username/password via their API as valid, I think that the SDK should be able to handle this scenario and not retry indefinitely.
The text was updated successfully, but these errors were encountered: