Find your content:

Search form

You are here

Am I understanding how Api sessions work correctly?


So I'm using the C# SOAP api w/ OAuth.

  • User A logs in, does something that will take 60 seconds
  • User B logs in 10 seconds into User A's process, and finishes in 5 seconds
  • User A cannot make another request to the API once User B finished because User A's access token, session, and possibly server URL are no longer valid?

A way around this would be to store User A's Access Token and server URL, and depending on my settings for when a session expires(say, 12 hrs), I use the same server URL and Access Token as User A.

Also, both users are using the same login(a master API login).

Is this correct?

Attribution to: RJP

Possible Suggestion/Solution #1

If they are using the same Salesforce username, they can both be logged in a the same time on different computers with different OAuth tokens, and each of them will have a separate session. Unless I misunderstand, this shouldn't cause a direct conflict.

Attribution to: Jeremy Nottingham

Possible Suggestion/Solution #2

One username can be logged on from multiple places at the same time as each machine has a separate session. What you need to be wary of however, is that if User A and User B in this scenario are two people using one set of credentials, you'll need to make sure that you're not breaking the terms of your licence.

If the credentials are being used for an integration piece where there's no ownership of data per se then you might be ok, if you're somehow tagging information to make it specific to User A or User B then you should be using two licences (and hence two sets of credentials) instead.

Attribution to: Matt Lacey
This content is remixed from stackoverflow or stackexchange. Please visit

My Block Status

My Block Content