Newer Version Available

This content describes an older version of this product. View Latest

Set Two-Factor Authentication Login Requirements for API Access

Salesforce admins can set the “Two-Factor Authentication for API Logins” permission to allow using a second authentication challenge for API access to Salesforce. API access includes the use of applications like the Data Loader and developer tools for customizing an organization or building client applications.
Available in: Both Salesforce Classic and Lightning Experience
Available in: Contact Manager, Database.com, Developer, Enterprise, Group, Performance, Professional, and Unlimited Editions

User Permissions Needed
To edit system permissions in profiles: Manage Profiles and Permission Sets
To enable this feature: Two-Factor Authentication for User Interface Logins

The “Two-Factor Authentication for User Interface Logins” permission is a prerequisite for the “Two-Factor Authentication for API Logins” permission. Users who have these permissions enabled have to complete two-factor authentication when they log in to Salesforce through the user interface. Users must download and install an authenticator app on their mobile device and connect the app to their Salesforce account. Then they can use verification codes (time-based one-time passwords, or TOTP) from the app for two-factor authentication.