To access Salesforce via a desktop client or via the API from an IP address that’s not
in your company’s trusted IP range, use a security token. A security token is a case-sensitive
alphanumeric code. Depending on how you access Salesforce, you either append the security token
to your password or enter it in a separate field in a client application.
Required Editions
Available in: both Salesforce Classic and Lightning
Experience
Available in: All Editions
Connect for Office not
available in Database.com
Connect Offline available in: Salesforce Classic
Connect Offline available in: Professional,
Enterprise, Performance, Unlimited, and
Developer Editions
Your security token isn’t displayed in your settings or profile. The only way to obtain a
token is to reset it and receive a new token. You can reset your token from your personal
settings. After the first time you reset your token from your personal settings, you also
get a new token via email if you reset your password.
In these cases, you can't reset your security token.
Login IP ranges are set for your user profile.
Note Profile-level IP range restrictions
are different from company-wide IP restrictions. With profile-level IP restrictions, all
logins from outside the IP range are blocked. In this case, there's no use for security
tokens, so the option to get one is hidden. With company-wide IP restrictions, you can
still access Salesforce from outside the trusted IP range, either with security tokens
or multi-factor authentication (MFA) methods.
You have the API Only user permission.
You have the Multi-Factor Authentication for API Logins user permission. In this case,
use the code generated by an authenticator app, such as Salesforce Authenticator, for the
security token value.
If you don't see the option to reset your security token, contact your Salesforce admin. If
you're an admin looking for troubleshooting help, see this knowledge article.
From your personal settings, in the Quick Find box, enter Reset,
and then select Reset My Security Token.
Click Reset Security Token.
The new security token is sent to the email address that's specified in your
Salesforce personal settings.
How you use the security token depends on the service that you want to access. To
access Salesforce APIs and some desktop clients, append the security token to your password.
Other desktop clients provide a separate field for the security token.
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
