Apex – Custom Login with Password for Experience Cloud Sites

apexcommunityexperience-cloudoauth2

We have a few experience cloud sites in production. Right now, the login and register flows are passwordless, using the salesforce's native passwordless login and verification functionalities. Our client asked to change this to now add a password to this.

In the backend, when someone registers in the site, a User is created, and a randomized password is set with System.setPassword. When logging in, a verification code is sent via mail to the user and has to enter it to successfuly log in (if the user is found).

Now, they want to remove that verification code flow and only ask for username and password. I understand there is no way to validate a user password from Apex alone as the password is not accessible. I googled a bit and I didn't find any specific information as to how validate a password in a community site context, so here I am, asking for tips or any help.

Do I have to use a OAuth authentication method? If that is the case, I understand that the Username-password Oauth flow is NOT recommended or even supported in community sites. Which one is the best suited for my use case? Really, any help or direction is appreciated.

Best Answer

You can use Site.login to use their username and password. On successful login, you'll get a PageReference that contains the URL necessary to access site in a logged-in state.

Related Solutions

Community – Username-Password OAuth Authentication for Community Users

In the profile of the user make it as API enabled.

I was able to log in using api inside the community using the below soap login call.,

<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
<Body>
    <login xmlns="urn:tooling.soap.sforce.com">
        <username>tomxxx@dsssd.com</username>
        <password>Nexxwussa123</password>
    </login>
</Body>
</Envelope>

Also make sure you include header as

SOAPAction : Soap

endpoint: https://test.salesforce.com/services/Soap/T/41.0

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="urn:tooling.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
    <loginResponse>
        <result>
            <metadataServerUrl>https://foooodle--UAT.csx7.my.salesforce.com/services/Soap/m/41.0/00D8E00x009MIn</metadataServerUrl>
            <passwordExpired>false</passwordExpired>
            <sandbox>true</sandbox>
            <serverUrl>https://foooodle--UAT.csx7.my.salesforce.com/services/Soap/T/41.0/00D8E0000009MIn</serverUrl>
            <sessionId>00D8xx0009MIn!AQUAQAKlWxxuowH_1DK7ic52WzqCrxgyDRaPsrr9L8JgGRpv7l5oBmVFJGSs2tsKuxWAPum7vT2IlM7AuGt7vf.qG.3M8R_</sessionId>
            <userId>0058E0000xxWmT4QAK</userId>
            <userInfo>
                <accessibilityMode>false</accessibilityMode>
                <chatterExternal>false</chatterExternal>
                <currencySymbol>£</currencySymbol>
                <orgAttachmentFileSizeLimit>5242880</orgAttachmentFileSizeLimit>
                <orgDefaultCurrencyIsoCode>GBP</orgDefaultCurrencyIsoCode>
                <orgDefaultCurrencyLocale>en_GB</orgDefaultCurrencyLocale>
                <orgDisallowHtmlAttachments>false</orgDisallowHtmlAttachments>
                <orgHasPersonAccounts>true</orgHasPersonAccounts>
                <organizationId>00D8x00009MInUAM</organizationId>
                <organizationMultiCurrency>false</organizationMultiCurrency>
                <organizationName>Pranya Finance</organizationName>
                <profileId>00e580000xydBAAQ</profileId>
                <roleId>00E8E0000xbcdhUAA</roleId>
                <sessionSecondsValid>28800</sessionSecondsValid>
                <userDefaultCurrencyIsoCode xsi:nil="true"/>
                <userEmail>pranayx@nce.com</userEmail>
                <userFullName>Tom Dealer tomm</userFullName>
                <userId>0058E000xWmT4QAK</userId>
                <userLanguage>en_US</userLanguage>
                <userLocale>en_GB</userLocale>
                <userName>tomxxx@dsssd.com</userName>
                <userTimeZone>Europe/London</userTimeZone>
                <userType>PowerPartner</userType>
                <userUiSkin>Theme3</userUiSkin>
            </userInfo>
        </result>
    </loginResponse>
</soapenv:Body>

You can also use this to call custom Apex Rest/Soap Webservices. It saves costs than using a full platform user license as Integration user.

[SalesForce] System.SetPassword for setting Password does not work in APEX but works in Anonymous Execution

For community users, you need to use Site methods: createExternalUser(...) (or createPersonAccountPortalUser(...) if you're using Person Accounts) and login(..). System.setPassword(...) is intentionally limited since it operates at the baseline org level. Site methods have fewer restrictions because they're sandboxed by the community.

Related Topic