Newer Version Available
Set Two-Factor Authentication Login Requirements for API Access
Salesforce admins can set the
“Two-Factor Authentication for API Logins” permission to allow using a second
authentication challenge for API access to Salesforce.
API access includes the use of applications like the Data Loader and developer tools for
customizing an organization or building client applications.
| Available in: Both Salesforce Classic and Lightning Experience |
| Available in: Contact Manager, Database.com, Developer, Enterprise, Group, Performance, Professional, and Unlimited Editions |
| User Permissions Needed | |
|---|---|
| To edit system permissions in profiles: | Manage Profiles and Permission Sets |
| To enable this feature: | Two-Factor Authentication for User Interface Logins |
The “Two-Factor Authentication for User Interface Logins” permission is a prerequisite for the “Two-Factor Authentication for API Logins” permission. Users who have these permissions enabled have to complete two-factor authentication when they log in to Salesforce through the user interface. Users must download and install an authenticator app on their mobile device and connect the app to their Salesforce account. Then they can use verification codes (time-based one-time passwords, or TOTP) from the app for two-factor authentication.