Life in the cloud.

38 Responses to "Building a Custom Salesforce Login"

Brian Peddle

June 6, 2011 at 2:24 pm

I believe that is for portal seats only and not regular salesforce seats.


June 6, 2011 at 3:40 pm

Yup, you are right. Doesn’t work for regular users but I think this works for portal logins.

Don Robins

June 7, 2011 at 11:47 pm

Great persistent effort, and great payoff – facing a similar challenge and will attempt to leverage your findings.

Thanks for posting!


Brian Peddle

June 8, 2011 at 5:02 am

Thanks Don. Let me know if it works out for you.

Andrew Chinn

June 13, 2011 at 4:08 pm

How did you get your apex page to be exposed to the public without using a site? I tried to use your solution with the js login, but the SOAP does not work for the site and I am getting an error.

Brian Peddle

June 13, 2011 at 4:16 pm

I did use a sites page to make the log in, sorry if I didn’t explain that better.

Andrew Chinn

June 13, 2011 at 6:07 pm

Was there a certain setting you used for your site? When I try to use your redirect I get a "page is under maintenance" error when it adds the apex to the url. Sorry to pick your brain but your solution seems to be the best one I have found so far, because you kept everything in Salesforce. Thanks for your time :)

Andrew Chinn

June 13, 2011 at 6:11 pm

Sorry, I just saw what was going on. My urls for my sandbox and site endpoint are different so the url is not correct. You can remove my top post if you want to. I can give you an update to the solution once I find one.

Brian Peddle

June 13, 2011 at 6:14 pm

Where are you trying to go from your sandbox?

Andrew Chinn

June 13, 2011 at 6:40 pm

Yes, I am trying from my sandbox.

Andrew Chinn

June 13, 2011 at 6:43 pm

I did get it to redirect properly, I just had to hardcode in what I needed it to be. I am getting a 500 error though when attempting to login.

Brian Peddle

June 13, 2011 at 6:44 pm

What’s the endpoint from the sandbox? Sounds like it’s not the sandbox?

Brian Peddle

June 13, 2011 at 6:45 pm

Can you post your site url where the login is?

Andrew Chinn

June 13, 2011 at 7:05 pm

Sadly I can’t post any urls for I am under an NDA. Client Confidentiality is very important.

Zach McElrath

June 15, 2011 at 6:34 pm

Have you seen what’s coming in the Winter 12 release? ISV Partners will be able to completely rebrand every page of the Salesforce login / password / etc. process (some 57 different pages in all), in versions optimized both for desktop and mobile browsers, all through a point-and-click interface. It’s going to be really powerful. Watch the Summer 11 Release for ISV’s Webinar.

Andrew Fawcett

June 17, 2011 at 5:47 am

Great article Ben, very useful and time saving to read! Regarding this statement “I considered building an oAuth sites page and just have SFDC and the org I was in oAuth itself, but after discussing with a few people this didn’t seem like it could happen and may be more hassle than what it was worth.”, can you elaborate any further?

Brian Peddle

June 17, 2011 at 6:12 am

@Andrew — Who is Ben … :)

From talking to a few people you’d probably be able to use oAuth to authenticate against the org but managing session from that point forward would be a problem because to SFDC, from the Sites side, you’d always be a Sites Guest User which has no notion of session.

It may be possible, I just didn’t push too far down that path.

Andrew Fawcett

June 17, 2011 at 6:27 am

Sorry Brian! Thanks for the rapid response, I’ve been reading about the contexts in which oAuth can be used, I think what you are saying is it’s problematic to implement the “web server” profile of oAuth under sites as we don’t know who the user is?

Lucheng Liu

June 22, 2011 at 11:45 pm

Hi Brian,

I thought doing a simple custom login would be fairly straightforward and it is turning out to be anything but…

I followed your example but I am getting the following error instead:
{faultcode:'UNKNOWN_EXCEPTION', faultstring:'UNKNOWN_EXCEPTION: Site under construction', }

The custom login form’s hosted on a site page and this site has remote access to the main application.

On the community forum there is a question raised on what “sforce.connection.login” is used for, and the answer is:
“it’s part of the ajax toolkit, lets you login to salesforce via javascript.
Site access doesn’t have a session id, so this is not supported for sites.”

I could really use some insight into this issue. Thanks.

Brian Peddle

June 23, 2011 at 5:17 am

@Lucheng could you share the link to the public sites page?

Lucheng Liu

June 24, 2011 at 2:23 am

I just realized that if I access the site page from the public link: then I get the ’UNKNOWN_EXCEPTION: Site under construction’ error. OTOH, if I access the same exact page from the internal link: after having already logged in through the main page then I don’t get the error (actually in that case the extra sforce.connection.login() call is really not needed as I would have a valid login session already).

So at this point I am questioning what’s the value for the ajax call sforce.connection.login() if I couldn’t use it on a public site to access salesforce resources. And I certainly wouldn’t use it on an internal salesforce hosted page since I would have already logged in at that point. I am really puzzled.

A related question, I also had to pass the security token to the sforce.connection.login() or else I’d get an error requiring token but in your example you simply passed in username and password. Am I missing some settings?


July 8, 2011 at 11:29 am

Can this be made to work for Self-Service Portal Users?

Mandeep Deka

September 5, 2011 at 2:06 am

@Brian Peddle

I am in the same situation as Lucheng Liu above. So I am interested to know this too, or a way around to make it work.

Or we could only use this for a Customer portal instead of Sites. Please give some insight on this.



October 31, 2011 at 12:36 pm

I figured out one permutation that causes issues with this. If you have a prefix setup for your site, then you’ll get an error about the site being under construction. Easiest way to resolve it is to turn off the prefix setting.


January 20, 2012 at 5:46 am

Hi Brian, I’m just curious, did you put any suffix in your Sites setting?
If I put something like /login at the end, I can still access the login page but it is throwing “UNKNOWN_EXCEPTION: Site under construction” error.
And if I take off the suffix, I can access the login page, but it will require token security to login.
Can you help me with this?


January 20, 2012 at 5:49 am

Hi Brian, I’m just curious, did you put any suffix in your Sites setting?
If I put something like /login at the end, I can still access the login page but it is throwing “UNKNOWN_EXCEPTION: Site under construction” error when I try to login.
And if I take off the suffix, I can access the login page, I can successfully login but it requires token security to login, and we do not want the user to put in their security token every time.
Can you help me with this?

Somesh Mukherjee

February 2, 2012 at 5:22 pm

Hi Brian Peddle, Great stuff. I am pretty much new to SF development and this post was super useful.

Just wanted to know if there is any way by which I can override the default logout as well to redirect to the custom login page, we tried building here and not the regular salesforce login page. I have been reading that this can be achieved for customer portal integrations, but wanted to figure out a way to incorporate this in the normal scenario.

sandeep kumar

March 1, 2012 at 3:13 am

Hi Brian
I am integrating the salesforce api in my iphone native app. I need a custom log in page instead of the salesforce webview to log in. When I call the authenticate method, the SFOauthCoordinator delegate method - (void)oauthCoordinator:(SFOAuthCoordinator *)coordinator didBeginAuthenticationWithView:(UIWebView *)view is called. This method adds the salesforce login webview on the viewcontroller. This is a required delegate method. We should implement this method. If we won’t implement this method we will get crashed… Can anybody help how to design a custom log in page???

Sandeep kumar

Konstantin Krauss

January 10, 2013 at 7:17 am

Hi Brian,

really nice example. Can you add a license (e.g. MIT) to your Github repository so your code can be used?


Brian Peddle

January 10, 2013 at 8:51 am

Thanks Konstantin … I just added it for you.

Shinya Koizumi

March 1, 2013 at 9:13 am

Is there any way to do this without access token? I understand if you are trying to access from the untrusted network you might need to append token after the password.


March 4, 2013 at 12:30 pm

Hi Brian,

With the VF page and Apex class you provided, Can I override url? I tried creating a remote site, but it is not directing to custom login.

This is what I did;
Created a class, VF page and remote site


Kristopher STice

March 14, 2013 at 5:57 pm

Hey Brian,

Thanks for the article, it’s amazing how still relevant it is. My question is how does a sites user use the ajax form to login without a token? I am not seeing a solution on this. It concerns me that we don’t want our customers logging in with that extra criteria. I am getting this error when trying to sign in.

INVALID_LOGIN: Invalid username, password, security token; or user locked out.

I validated that my user isn’t locked out and my username and password are correct.



March 15, 2013 at 2:34 am

Hi Brian

I created a site in developer edition, but it does not work properly. When I enter username and password and hit the login button, the request is not going to the controller class. How can I do this? Please let me know.


Kristopher STice

March 15, 2013 at 11:37 am

Ok so I figured it out.

sforce.connection.loginScopeHeader = {};
sforce.connection.loginScopeHeader.organizationId = "xxxxxxx";
sforce.connection.loginScopeHeader.portalId = "xxxxxxxx";

Need to specify the Organization and portal


March 20, 2013 at 2:52 am

How to dynamically insert a pick list value into a custom object?
How can I do this? Please let me know…


Lonnie Lee

October 30, 2013 at 3:47 am

Just beat my head against the wall for a while on this one. I found that in the connection.js file there are hard coded references to “/services/Soap/u/23.0”. When you are calling the ajax script from a site you are another directory level up. i.e. “/mysitename/apex/myPage”

If you download the connection.js file and update the hard coded values to “../services/Soap/u/23.0” it works like a charm.

Not elegant but it works!
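
The path behaviour described in the comment above, as an added example that is not part of any commenter's code or of connection.js: it resolves the hard-coded absolute path and the "../" variant against a Sites page URL the way a browser does, and shows that the "../" form depends on how deep the page sits. The host `example.force.com`, the page URLs and the helper names are constructed for illustration; only the endpoint path and `/mysitename/apex/myPage` come from the thread.

```javascript
// Added example: standard URL resolution only, no Salesforce API calls.
const ENDPOINT = '/services/Soap/u/23.0';

// Resolve a path reference against the page URL, as the browser does for an XHR.
function resolveEndpoint(pageUrl, ref) {
  return new URL(ref, pageUrl).pathname;
}

// True when the resolved path is exactly <site prefix>/services/Soap/u/23.0.
function hitsSiteEndpoint(pageUrl, ref, prefix) {
  return resolveEndpoint(pageUrl, ref) === prefix + ENDPOINT;
}

// Depth-independent alternative (hypothetical helper): build the path from
// the known site prefix instead of relying on "../" from the current page.
function endpointForPrefix(prefix) {
  const clean = prefix.replace(/^\/+|\/+$/g, '');
  return (clean ? '/' + clean : '') + ENDPOINT;
}

// Constructed cases: [page URL, reference used by the script, site prefix]
const cases = [
  // Hard-coded absolute path drops the site prefix.
  ['https://example.force.com/mysitename/apex/myPage', '/services/Soap/u/23.0', '/mysitename'],
  // "../" from /mysitename/apex/ lands back under the prefix.
  ['https://example.force.com/mysitename/apex/myPage', '../services/Soap/u/23.0', '/mysitename'],
  // No prefix: "../" from /apex/ resolves to the root endpoint.
  ['https://example.force.com/apex/myPage', '../services/Soap/u/23.0', ''],
  // Page one level shallower: "../" climbs out of the prefix again.
  ['https://example.force.com/mysitename/myPage', '../services/Soap/u/23.0', '/mysitename'],
];

for (const [page, ref, prefix] of cases) {
  console.log(page, ref, '->', resolveEndpoint(page, ref),
    hitsSiteEndpoint(page, ref, prefix) ? 'under prefix' : 'outside prefix');
}
console.log('built from prefix:', endpointForPrefix('/mysitename/'));
```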
