Using Frontdoor.jsp to Log Into Salesforce

You can use frontdoor.jsp to give users access to Salesforce from a custom Web interface, such as a remote access Force.com site or other API integration, using their existing session ID and the server URL.
Available in: All Editions

To authenticate users with frontdoor.jsp, you must pass the server URL and session ID to frontdoor.jsp in this format:
https://instance.salesforce.com/secur/frontdoor.jsp?sid=session_ID&retURL=optional_relative_url_to_open

Instance

You must know the instance of the user’s organization. For example, if the serverUrl returned when you log in via the API is https://na1.salesforce.com, na1 is the instance. The rest of the server address (the salesforce.com domain name) remains the same.

If you’re building an integration for a single Salesforce organization, you can hard-code this value. If you’re building an integration for multiple organizations, parse the instance from the serverUrl of the returned LoginResult from the SOAP API login() call.

Session ID

You can obtain the session ID from:
  • The access_token from an OAuth authentication
    Tip

    Tip

    One of the scopes specified when you create a Connected App must be web or full.

  • The LoginResult returned from a SOAP API login() call
  • The Apex UserInfo.getSessionId()

The session ID returned using the Visualforce {!GETSESSIONID()} can’t be used on frontdoor.jsp.

Relative URL to Open

You can optionally include a URL-encoded relative path to redirect users to the Salesforce user interface or a particular record, object, report, or Visualforce page (for example, /apex/MyVisualforcePage).