Verify Your Identity with Salesforce Authenticator
After you install the Salesforce Authenticator app on your mobile device and connect
your Salesforce account, use the app to securely log in to your account or access restricted
resources in Salesforce. Also, you can block activity that you don’t recognize and report it to
your admin.
Required Editions
Salesforce Authenticator setup available in: both Salesforce Classic (not available in
all orgs) and Lightning Experience
Multi-factor authentication with Salesforce Authenticator available in: all
editions
The automation feature is enabled only if you have at least one Salesforce ecosystem
account connected to the app. These accounts make up the Salesforce ecosystem.
Salesforce.com
Commerce Cloud
Heroku
Sales Cloud
Marketing Cloud
MuleSoft
Quip
Tableau
Note The automation feature is available only when your Salesforce admin enables it.
To verify your identity with Salesforce Authenticator, take these steps.
Log in to your Salesforce account, or try to access a restricted resource in
Salesforce.
Salesforce Authenticator sends a notification to your mobile device.
Note If you’re
expecting a notification but don’t receive one, swipe down from your accounts list to
manually refresh the app. If that doesn’t work, push notifications can be temporarily
unavailable due to extremely high traffic. You can verify your identity with TOTP codes
instead.
Respond to the notification, or open Salesforce Authenticator to view the verification
request.
The app shows details of your account activity including your username, the
service that you’re trying to access, and information about the device used for the
activity, such as your computer. If location services are enabled and available, the app
shows your approximate location.
If you recognize the details, tap Approve on your mobile device.
If you don’t recognize the details, tap Deny.
If you approve the request, you’re logged in to Salesforce or granted access to
the desired resource.
If you deny a login request, Salesforce Authenticator asks you
what to do about the unrecognized activity. To prevent unauthorized access to your
account and alert your admin of the potential security breach, tap Block
Activity and Flag. This action also creates a log entry in Identity Verification History. To prevent access
to your account without flagging, tap Just Block
Activity.
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
