restforce: Getting authentication failure error

Hi,

I can understand the obvious reason of this can be wrong client_id or client_secret or user credentials but the same credentials are working with databasedotcom gem.

When I tried it with restforce like

client = Restforce.new :client_id => "***G9ZL0ppGP5UrDYpAXumi8nwstjCLYvheoFNrg3PyY6BEy4p98VyOKsrAUEqKRjC4cUPHz07yMttAGc9***", :client_secret => "5713668283413776***", host: 'test.salesforce.com', :username => "manoj***@gmail.com", :password => "manoj***Uwy4XwMytmAQZvpJb7aub***", :security_token => "Uwy4XwMytmAQZvpJb7aub***"

client.query('select Id, Name from User').first

I got error Restforce::AuthenticationError: invalid_grant: authentication failure

And when I tried it with databasedotcom like

client = Databasedotcom::Client.new :client_id => "***G9ZL0ppGP5UrDYpAXumi8nwstjCLYvheoFNrg3PyY6BEy4p98VyOKsrAUEqKRjC4cUPHz07yMttAGc9***", :client_secret => "5713668283413776***"
client.host = 'test.salesforce.com'
client.authenticate :username => "manoj***@gmail.com", :password => "manoj***Uwy4XwMytmAQZvpJb7aub***"

And it just worked fine. Please correct me if I am missing something.

About this issue

  • Original URL
  • State: open
  • Created 9 years ago
  • Reactions: 3
  • Comments: 39

Most upvoted comments

Had this error today and found something that fixed it

Going to connected apps in salesforce and changing ‘permitted users’ from ‘Admin approved users are pre-authorized’ to ‘All users may self-authorize’ immediately fixed it for me.

+10
jmagoon on Jun 9, 2015

For me the restforce documentation was wrong. I had to remove the security token option for it to work. So instead of:

client = Restforce.new :username => 'foo',
  :password       => 'bar',
  :security_token => 'security token',
  :client_id      => 'client_id',
  :client_secret  => 'client_secret'

it’s

client = Restforce.new :username => 'foo',
  :password       => 'bar',
  :client_id      => 'client_id',
  :client_secret  => 'client_secret'
+8
tmac on Mar 22, 2016

Hey there @timrogers I think I might have found what this is, or at least why I am getting invalid_grant errors.

The system I am building sends messages one at a time as they come in, this all works perfectly, then suddenly, after a busy period I just start getting invalid_grants.

As this sounded like a limit issue to me (working -> high traffic -> not working) I investigated, and sure enough, I was doing more than 3600 requests in an hour and hitting the Salesforce 3600 logins per hour limit (we use username / password in our request). -> https://help.salesforce.com/s/articleView?id=000312767&type=1

Looking around, I can’t find a way to tell RestForce to use the same SessionId as a previous request, does RestForce support this?

As a second note, I’m getting “invalid_grant” from Salesforce as the error, not too many logins or some other helpful message 😃

After a bit of thinking, I tried implementing a simple thread based cache on the RestForce client for my background job, and this seems to be working…

So for others who might be hitting this, instead of something like this:

class SendToSalesforceService

  attr_reader :client

  def initialize
    @client ||= Restforce.new
    ...
  end

  def execute!
    client.upsert(...)
  end

Which will initialize a new restforce client every time you send something to salesforce… try something like this:

class SendToSalesforceService

  def initialize
    ...
  end

  def client
    Thread.current[:restforce_client] ||= Restforce.new
  end

  def execute!
    client.upsert(...)
  end

Which will set up one RestForce client per thread running. As we have about 40-50 sidekiq jobs running sometimes to clear out thousands of entries we are sending to Salesforce, it seems this handles it with only 1 login per sidekiq worker instead of one per entry sent.

+4
mikel on Dec 23, 2021

Restforce::AuthenticationError: invalid_grant: authentication failure I’ve also solved this problem by relaxing the IP restriction on admin view. See: this post on SalesForce forum

And also this page is helpful to solve authentication failure. https://help.salesforce.com/apex/HTViewSolution?id=000212208&language=en_US

+2
yuuki1224 on Mar 22, 2016

So I was also hitting this and the key was removing the security_token and removing the ENV var since the lib auto detects the var

+1
chadwilken on Jun 29, 2018

I was also investigating this Restforce::AuthenticationError: invalid_grant: authentication failure problem. For me, the issue eventually was that I was using the username/password flow, and I didn’t notice that changing the user account’s password also caused the security token being reset.

The new security token got emailed to an email address that I didn’t follow. I found this thing out when I redid the setup from scratch - then I noticed there were previously sent “security token was reset” emails that had gone unnoticed.

Providing both the security token and password works for me:

client = Restforce.new(username: ENV.fetch('SALESFORCE_USERNAME'),
                       password: ENV.fetch('SALESFORCE_PASSWORD'),
                       security_token: ENV.fetch('SALESFORCE_SECURITY_TOKEN'),
                       client_id: ENV.fetch('SALESFORCE_CONSUMER_KEY'),
                       client_secret: ENV.fetch('SALESFORCE_CONSUMER_SECRET'),
                       api_version: ENV.fetch('SALESFORCE_API_VERSION'))

# Methods for checking whether the connection works
client.authenticate!
client.describe
+1
pre on May 7, 2018

worked for me: I had to “unlock” the user manually - I went to user/edit and there was an “unlock” button available. 1 click and no more errors:)

+1
lubieniebieski on Aug 3, 2016
Read more comments on GitHub
← rest-client: RestClient::SSLCertificateNotVerified certificate verify failed, How can we bypass
restforce: Problems using the Streaming API through restforce →