Newer Version Available

This content describes an older version of this product. View Latest

Use Two-Factor Authentication for API Access

Administrators can set the “Two-Factor Authentication for API Logins” permission to allow using a second authentication challenge for API access to Salesforce.
Available in: Contact Manager, Database.com, Developer, Enterprise, Group, Performance, Professional, and Unlimited Editions

User Permissions Needed
To edit system permissions in profiles: “Manage Profiles and Permission Sets”
To enable this feature: “Two-Factor Authentication for User Interface Logins”

The “Two-Factor Authentication for User Interface Logins” permission is a prerequisite for “Two-Factor Authentication for API Logins”. So, once these permissions are enabled, users must enter a second authentication value when logging in to Salesforce through the user interface. This second factor of authentication is also called a “time-based token”.

Users can associate an authenticator app with their account to generate the time-based token value.