Overview
When establishing automated connections to Salesforce, such as through an OAuth2 flow for testing or integration purposes, Multi-Factor Authentication (MFA) can interrupt the process. This document outlines a method to bypass the MFA or verification code prompt for specific, trusted connections.
How It Works
The recommended approach involves using a tunnel proxy and whitelisting its IP addresses within your Salesforce environment. By designating these IPs as trusted, you can bypass the MFA requirement for any login attempts originating from them.
- Configure a Tunnel Proxy: Set up a tunnel proxy service to route your connection traffic.
- Obtain Tunnel IPs: Identify the static IP addresses used by the tunnel proxy.
- Whitelist IPs in Salesforce: An administrator with access to the Salesforce admin portal must add these tunnel IPs to the list of trusted IP ranges.
- Establish Connection: Once the setup is complete, connections made through the tunnel proxy will be recognized as trusted and will not trigger the MFA prompt.
Limitations
- This configuration requires administrative privileges in your Salesforce admin portal.
- The solution is dependent on the correct setup and availability of the tunnel proxy service.
- MFA is only bypassed for connections originating from the whitelisted IP addresses. Users and systems connecting from other locations will still be subject to MFA policies.
Related Info
For further assistance and resources, including documentation and instructional videos, please visit the Functionize Support Portal. An AI-powered Support Agent is also available via the help icon on the portal.