[SalesForce] OAuth+SSO login works with Data Loader GUI but not Data Loader CLI

GUI

On my Windows machine, I can log in with GUI Data Loader 44.0.0 without providing a username and password, by choosing "OAuth" and "Production" environment and clicking "Log in":

Login screen 1/3

On the little popup that appears, I click the bottom link "utiliser un domaine personnalisé" which is the French translation for "Use custom domain":

Login screen 2/3

I enter the custom domain name, and see the https://xxxxx.my.salesforce.com URL displaying below the field:

Login screen 3/3

And I am logged in without any issue or password entry –> "Login successful".

CLI

Now for command-line login, I can't get the same behavior. On the same Windows machine, I have tried several configurations but found none that lets me get rid of user name and password entry.

  • process-conf.xml with correct values provided in sfdc.username and sfdc.password (encrypted) works perfectly
  • process-conf.xml with no value provided in sfdc.username systematically ends in an error:
2020-04-08 15:38:22,614 ERROR [myProcess] client.ClientBase getConnectorConfig (ClientBase.java:112) - Empty salesforce.com username specified.  Please make sure that parameter sfdc.username is set to correct username.
  • process-conf.xml with sfdc.username provided but nothing in sfdc.password always ends in invalid login error, whatever other values I can put in the config file:
2020-04-08 15:37:28,943 ERROR [myProcess] client.PartnerClient runOperation (PartnerClient.java:350) - Error while calling web service operation: login, error was:
[LoginFault [ApiFault  exceptionCode='INVALID_LOGIN'
 exceptionMessage='Invalid username, password, security token; or user locked out.'
 extendedErrorDetails='{[0]}'
]
]

Well, you have the big picture. Details follow.

Command line

java -cp "C:\Program Files (x86)\salesforce.com\Data Loader\dataloader-44.0.0-uber.jar" -Dsalesforce.config.dir=<my conf dir> com.salesforce.dataloader.process.ProcessRunner process.name=myProcess

I am 100% confident that there is no problem in touching the right configuration files; here they are:

config.properties

#Loader Config
#Thu Sep 10 09:37:47 PDT 2009
sfdc.endpoint=https\://login.salesforce.com
loader.hideWelcome=true

sfdc.oauth.environment=Production
sfdc.oauth.environments=Production,Sandbox
sfdc.oauth.Production.bulk.clientid=DataLoaderBulkUI/
sfdc.oauth.Production.partner.clientid=DataLoaderPartnerUI/
sfdc.oauth.Production.server=https://login.salesforce.com/
sfdc.oauth.Production.redirecturi=https://login.salesforce.com/services/oauth2/success
sfdc.oauth.Sandbox.bulk.clientid=DataLoaderBulkUI/
sfdc.oauth.Sandbox.partner.clientid=DataLoaderPartnerUI/
sfdc.oauth.Sandbox.server=https://test.salesforce.com/
sfdc.oauth.Sandbox.redirecturi=https://test.salesforce.com/services/oauth2/success

process-conf.xml

<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
    <bean id="myProcess"
          class="com.salesforce.dataloader.process.ProcessRunner"
          singleton="false">
        <description>Demonstration sample for StackExchange</description>
        <property name="name" value="myProcess"/>
        <property name="configOverrideMap">
            <map>
                <entry key="sfdc.username" value="myUser"/>
                <entry key="sfdc.password" value="89f5be1b76f7e2d7bc58d8f68bb574e02a57f06b9ab9994a1811a05a0934f9aa"/>
                <entry key="process.encryptionKeyFile" value="C:\testdl\key.key"/>

                <entry key="sfdc.timeoutSecs" value="540"/>
                <entry key="sfdc.loadBatchSize" value="200"/>
                <entry key="sfdc.entity" value="InfoQualif__c"/>
                <entry key="process.operation" value="update"/>
                <entry key="process.mappingFile" value="C:\testdl\update_icf.sdl"/>
                <entry key="process.outputError" value="C:\testdl\icftest_error.csv"/>
                <entry key="process.outputSuccess" value="C:\testdl\icftest_success.csv"/>
                <entry key="dataAccess.name" value="C:\testdl\icftest.csv" />
                <entry key="dataAccess.type" value="csvRead" />
            </map>
        </property>
    </bean>
</beans>

This sample works fine, as there is a user/password in it. The challenge is to find the keys that would allow me to remove the user and password.

Update

The web browser used by the GUI to ask me for the custom domain is IE, as you can see here:

Right-click on custom domain window, click properties: it's IE

Even after clearing all cookies from IE (see below), I can still successfully log in by just entering my custom domain. No user name or password needed.

Clear cookies from IE

Best Answer

Generally, authentication to Salesforce always requires at least a username and password (the example you provide above is using single sign-on, via OAuth, which in this case uses a username and password in a Salesforce login page). Tying auth to a user ensures that the SF admin can control user profile settings and object access. Generally, only when using some kind of JWT token within an SSO process (JWT is not supported by Data Loader) can you skip the password. (For a broader understanding of how many different ways auth is possible in single sign-on scenarios, see this help file: https://help.salesforce.com/articleView?id=remoteaccess_oauth_flows.htm&type=5)

However, Data Loader requires a username and password. Data Loader also offers username/password encryption options. Will that help you meet your business requirements (perhaps security is your concern)?

https://help.salesforce.com/articleView?id=loader_encryption.htm&type=5

You could also use a different tool which supports a different kind of auth.

This could be a good lead: since SFDX supports OAuth, as well as subsequent calls without storing the username/password, try looking into the SFDX force:data CLI commands... https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_force_data.htm

Here is a related post: Can I use SalesforceDX to load data into sandboxes?
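An added example, not part of the original question or answer and not Data Loader code: a small Python audit of a process-conf.xml like the one in the question. It reports which process beans store an sfdc.password, which would hit the login errors quoted above, and whether the encryption key file sits in the same directory as the process's data files. The finding names, the placeholder password and the second bean are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from pathlib import PureWindowsPath

# Constructed sample modelled on the question's process-conf.xml; the password
# value is a placeholder and the second bean is hypothetical.
SAMPLE = r"""<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
  "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
  <bean id="myProcess" class="com.salesforce.dataloader.process.ProcessRunner">
    <property name="configOverrideMap"><map>
      <entry key="sfdc.username" value="myUser"/>
      <entry key="sfdc.password" value="PLACEHOLDER_ENCRYPTED_VALUE"/>
      <entry key="process.encryptionKeyFile" value="C:\testdl\key.key"/>
      <entry key="dataAccess.name" value="C:\testdl\icftest.csv"/>
    </map></property>
  </bean>
  <bean id="noPassword" class="com.salesforce.dataloader.process.ProcessRunner">
    <property name="configOverrideMap"><map>
      <entry key="sfdc.username" value="myUser"/>
      <entry key="sfdc.entity" value="InfoQualif__c"/>
    </map></property>
  </bean>
</beans>"""

# Keys from the question's file whose values are file paths used by the process.
DATA_PATH_KEYS = ("process.mappingFile", "process.outputError",
                  "process.outputSuccess", "dataAccess.name")

def audit_process_conf(xml_text):
    """Map each bean id to a list of credential-related findings."""
    report = {}
    for bean in ET.fromstring(xml_text).iter("bean"):
        cfg = {e.get("key"): e.get("value", "") for e in bean.iter("entry")}
        findings = []
        if not cfg.get("sfdc.username"):
            findings.append("MISSING_USERNAME")   # CLI reports an empty username
        if not cfg.get("sfdc.password"):
            findings.append("MISSING_PASSWORD")   # CLI login ends in INVALID_LOGIN
        else:
            findings.append("STORED_PASSWORD")    # the file itself needs a tight ACL
        key_file = cfg.get("process.encryptionKeyFile")
        if key_file:
            key_dir = PureWindowsPath(key_file).parent
            data_dirs = {PureWindowsPath(cfg[k]).parent
                         for k in DATA_PATH_KEYS if cfg.get(k)}
            if key_dir in data_dirs:
                findings.append("KEY_FILE_BESIDE_DATA")  # data-dir readers get the key
        report[bean.get("id")] = findings
    return report

if __name__ == "__main__":
    for bean_id, findings in audit_process_conf(SAMPLE).items():
        print(bean_id, findings)
```

To check a real file, pass its text to `audit_process_conf`; the paths are compared with Windows rules, so directory names match case-insensitively.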
