[SalesForce] User password expiration

Is there any way to programmatically detect when the user password is expired?
There are no password expiration datetime fields on User object, I could only find Profile settings "Never expire password".

Best Answer

If you're only interested in determining if the user's password is currently expired, you can log in via the SOAP API; see the LoginResult documentation:

passwordExpired | boolean | Indicates whether the password used during the login attempt is expired (true) or not (false). If the password has expired, then the API returns a valid sessionId, but the only allowable operation is the setPassword() call.

So, if you check passwordExpired, and it is true, you can prompt the user set a new password (which you would set with setPassword), and then they can continue working normally.

If you're using an OAuth login flow for a mobile application (typically REST calls), the UI handles the expired password situation for you automatically; when you receive the access token, it will be for an active user with an unexpired password.

Other API types will offer a similar type of return type; please check the relevant documentation for the API you're trying to use.

Related Topic