Loading

SOAP Authentication with Username and Password returns "Bad Request" when using Marketing Cloud API

Publiseringsdato: Jun 10, 2025
Beskrivelse
Legacy Username and Password authentication with SOAP requires additional parameters to work by default. To ensure there isn't another cause, review these steps for enabling this behavior (source)
  • When setting up the Marketing Cloud user, select API User.
  • For Marketing Cloud accounts with role-based permissions, select the Role | Email | Admin | API Access | WebServices API permission. For accounts with legacy permissions, select the Grant the user access to the web services permission.
  • Enable the username and password security setting. Go to Setup | Security | Security Settings and find the setting under Username and Logins.

If all steps to enable this behavior are confirmed correct, the issue may be with the user's Password. SOAP calls are XML and certain characters have special meaning, such as '&', '<', and '>', and these characters can cause issues if they are present within a SOAP element.
Løsning
It is recommended to use OAuth token based authentication for all API calls.

In cases where this is not an available option, surrounding passwords with CDATA as in the code below will allow many special characters: 
<o:Password><![CDATA[XXXXX]]></o:Password>
If access to the raw SOAP call is also unavailable (e.g. using a 3rd party service), changing the user's password to not include special characters, such as '&', brackets, and slashes, should allow for the SOAP call to authenticate correctly.
Knowledge-artikkelnummer

000388818

 
Laster
Salesforce Help | Article