The new authentication methods are unreliable: Oauth Token constantly need to be regenerated about salesforcer HOT 5 OPEN

In fact, the only thing I ask @StevenMMortimer is if your willing to continue what you have been doing already into researching the issue.

from salesforcer.

@mlane3 Thanks for sharing all of your research! I don't know if I can solve your issue, but I'll ask a few questions to see if that brings up any ideas:

1. Does basic authentication (password+token) not work for your org? That would eliminate the need for MFA tokens.
2. I've never encountered an issue with MFA tokens expiring every 2 weeks. I actually store an encrypted token in the repository here that gets decrypted and used by GitHub Actions. The token should automatically refresh if expired and only needs to be changed every 6 months when Salesforce requires you to change your login password. I believe the expiration is a setting in the OAuth client for your org? #120 (comment)

from salesforcer.

Hi @mlane3 – Thanks again for raising this. Let me know if you're still having issues and maybe we can troubleshoot a bit more? If I don't hear back, then I'll close this issue. Thanks!

from salesforcer.

@StevenMMortimer thanks you for your replies. To answer your question....

1. Basic authentication does work for all except the largest data sources which is every other week about 50,000 rows. (So yes I have roughly 50,000 users and former users)
2. The expiration is usually tied to trying to get this data source to work or trying to login using the account to salesforce.com . Both seem to trigger a reset. I was able talk with IT and it should have the 8 month reset. Since looking into things issue something is very wrong with how our salesforce accounts are setup. We use Cyberark and Paloalto instead of Otka.
3. I have tried to get a response before as you can see from the list of posts below. Because I know that this affect other open source users, I kept things personal. I am know I need to leverage government resources. This because I need to make very clear to Salesforce that at this point not having an alternative to MFA for a small number of accounts a legal liability too great for governments to continue using their product. Governments are legally required to have open records and that are easy for the public to request:

• https://twitter.com/n30sh4d0wderp/status/1544764272114286592
• https://trailhead.salesforce.com/trailblazer-community/feed/0D5S00000IQ9nfSAD
• https://twitter.com/n30sh4d0wderp/status/1567550683770937345?s=20&t=8Q0Sot5mnPmBTHQzRKNJaQ
• https://trailhead.salesforce.com/trailblazer-community/feed/0D54S00000J9EShSAN

from salesforcer.

@mlane3 Thanks for the update and pushing forward on things. Regarding bullet 1, do you have documentation about row limits depending on authentication? I've never heard this. You should be able to query millions of records using the Bulk APIs and they do not require OAuth2.0 authentication (basic will work just fine).

from salesforcer.