Product Advisory on login() API retirement
Salesforce has announced a critical change to its security posture that impacts all third-party applications and integrations that rely on its legacy SOAP API login() operation. As part of its secure-by-default initiative, Salesforce is retiring the SOAP API login() method — which allows external applications to authenticate by passing a plain-text username and password — and mandating that all integrations migrate to OAuth 2.0.
This advisory covers the impact on three Boomi connectors and Boomi's plan to update each one before the Salesforce retirement deadline.
Affected Connectors
- Salesforce Connector
- Salesforce Apex Connector
- Salesforce Analytics Connector
Frequently Asked Questions (FAQ)
1. What is changing and why?
| Detail | Description |
|---|---|
| Current Method (Retiring in 2027) | SOAP API login() operation (used in API versions 31.0 through 64.0). |
| New Required Method | External Client Apps and OAuth 2.0 (Salesforce recommends the OAuth Client Credentials Flow or the OAuth Web Server Flow). |
| Reason for Change | To enhance security and comply with Salesforce's secure-by-default posture for authenticating external applications in the current threat landscape. |
2. What is the key deadline?
Salesforce will permanently end support for and retire the SOAP API login() operation with the Salesforce Summer '27 release.
After the Summer '27 release, any existing integration using the legacy SOAP API login() will fail to authenticate, and all subsequent API calls will fail.
3. What is the plan for the updated Salesforce Connectors?
Release Timeline: We plan to release updated versions of the Salesforce Connectors with the required OAuth support in 2026.
4. Is the Salesforce REST Connector a viable alternative to the Salesforce Connector?
Yes, the Salesforce REST Connector is a fully supported alternative that already uses the OAuth 2.0 authentication method and is not affected by the SOAP API login() retirement. If you need to immediately transition mission-critical integrations to a secure platform ahead of the 2026 SOAP Connector update, migrating to the REST Connector is a viable option.
We strongly urge you to begin identifying and auditing all integrations using the Salesforce SOAP Connector today. We will release comprehensive documentation and updated connector availability announcements well in advance of the Salesforce retirement.
We understand that mandatory connector updates can impact your business, and we are committed to making this transition as smooth as possible.
For more information, see SOAP API login() Retirement - Salesforce Help.
