I'm trying to connect to a salesforce instance and pull data via a python script, but I'm having trouble right out of the gate. I have an email that supplies the following info:
Username
Profile Name
Id
Org Id
Access Token
Instance Url
Login Url
Alias
Password
I can log in to the Login URL directly, so I know that the credentials work. I'm trying to follow along with the simple-salesforce documentation, so my code is like this:
from simple_salesforce import Salesforce
import pandas as pd
sf = Salesforce(
username='test@example.com',
password='password',
security_token='the_provided_access_token')
Doing this, I get the error "SalesforceAuthenticationFailed: INVALID_LOGIN: Invalid username, password, security token; or user locked out."
I understand that there's a difference between a security token and an access token. I don't think I ever received a security token, is there a way to pass authentication with an access token instead? I'm very new to REST APIs and this is all a bit confusing.
I'm not sure about IP whitelisting, which I've heard can be an issue.
access_token is like a session id (stored in a cookie when you use SF as website). It'll become invalid eventually. Maybe 2h since last use, at most 12h I think. A proper integration should not rely on it.
You can use it if you really want but chances are it expired already. Check simple's documentation and modify
sf = Salesforce(instance='na1.salesforce.com', session_id='')
sf = Salesforce(instance_url='https://na1.salesforce.com', session_id='')
security token is special thing you can receive via email (and once you request it 1st time - fresh token will be sent with every password reset).
If you don't want to use security token but you know your app will alway use same IP addresses (because it'll be on some internal server) you could go to Setup -> Network Access and mark the IP ranges as safe. Access from them should be doable without security token (and website access - without one-time passwords sent to email)