Old Version · Setup Guide

Generate Your Salesforce Security Token

A security token is required for SFDC File Exporter v6/v7 to connect to Salesforce when IP restrictions are in place.

New version users don't need this.

The new SFDC File Exporter uses OAuth 2.0 and does not require a security token. Upgrade for free to skip this step entirely.

Upgrade Free

What Is a Salesforce Security Token?

A Salesforce Security Token is a system-generated alphanumeric string that acts as an additional password for API access. When you connect to Salesforce via the API from an IP address not on your org's trusted IP whitelist, Salesforce requires you to append your security token to your password.

SFDC File Exporter v6/v7 uses the Salesforce SOAP API, so if your IP is not whitelisted in your org, you'll need to enter your token in the login screen.

Step-by-Step: Reset Your Security Token

Salesforce does not show your existing token — you can only reset it, which sends a new one to your registered email.

1

Log in to Salesforce

Go to your Salesforce org and sign in with your admin or user credentials.

2

Open Your Personal Settings

Click your avatar / profile picture in the top-right corner, then click Settings (not Setup).

In Salesforce Classic, click your name in the top-right corner and select My Settings.
3

Navigate to Reset Security Token

In the left-hand menu, expand My Personal Information, then click Reset My Security Token.

Can't find it? Use the Quick Find / search box in the Settings sidebar and type "Security Token".
4

Click "Reset Security Token"

Click the Reset Security Token button. Salesforce will immediately send your new token to the email address registered with your account.

5

Check Your Email

Look for an email from Salesforce with the subject "Your new Salesforce security token". The token will be a long alphanumeric string.

If you don't see the email, check your spam folder. The sender is typically support@salesforce.com.
6

Use the Token in SFDC File Exporter

Open SFDC File Exporter v6/v7. On the login screen, enter your Salesforce Username, Password, and paste the Security Token into the Security Token field. Then click Login.

Can't Find the Reset Option? Use the URL Hack

Some orgs hide the Reset My Security Token option in personal settings — particularly when an administrator has restricted certain settings pages, or when your profile doesn't surface it in the sidebar. In that case, you can navigate directly to the reset page using a URL hack.

What is a URL hack? A URL hack means constructing a specific deep-link URL that bypasses the standard navigation and takes you directly to a Salesforce internal page — in this case, the token reset page — regardless of whether it appears in your sidebar.
1

Find Your Org Domain

Your Lightning org domain appears in your browser's address bar when you're logged in. It looks like yourcompany.lightning.force.com. Copy just the subdomain part — e.g., yourcompany.

2

Construct the URL

Build the following URL, replacing <YourDomain> with your actual org subdomain:

https://<YourDomain>.lightning.force.com/_ui/system/security/ResetApiTokenEdit?retURL=%2Fui%2Fsetup%2FSetup%3Fsetupid%3DPersonalInfo&setupid=ResetApiToken

Example: if your org is acme.lightning.force.com, replace <YourDomain> with acme.

3

Paste & Navigate

Paste the constructed URL into your browser address bar while you are already logged into Salesforce, then press Enter. The Reset Security Token page will load directly.

You must be already logged in to your org before navigating to this URL. If you're not, Salesforce will redirect you to the login page.
4

Click "Reset Security Token" and Check Email

The reset page will appear with a single Reset Security Token button. Click it — Salesforce will send your new token to your registered email address immediately.

Frequently Asked Questions

Not always. If your IP address is on the Salesforce trusted IP list (set in Setup → Network Access), Salesforce will not require the token. Most users outside a corporate network will need it.

Check your spam/junk folder. The email comes from support@salesforce.com. Also verify the email address on your Salesforce profile matches where you're checking. If still missing, contact your Salesforce administrator.

Yes — if you have other tools (e.g., Data Loader, Workbench, or other integrations) using your old token, they will stop working until you update the token in those tools as well.

Yes — either add your IP to Salesforce's trusted IP list (Setup → Network Access), or upgrade to the new version of SFDC File Exporter which uses OAuth 2.0 and never requires a security token.

Download New Version

Use the URL hack method described in the section above. Navigate directly to:

https://<YourDomain>.lightning.force.com/_ui/system/security/ResetApiTokenEdit?retURL=%2Fui%2Fsetup%2FSetup%3Fsetupid%3DPersonalInfo&setupid=ResetApiToken

Replace <YourDomain> with your org's Lightning subdomain while already logged in. This bypasses the settings sidebar and takes you directly to the reset page.
Upgrade & Skip This Forever

The new SFDC File Exporter uses secure OAuth login — no password, no security token, no hassle.

  • OAuth 2.0 login — browser-based, secure
  • No security token ever needed
  • Free version available
  • Active updates & support
Download Free

Still Need Help?

Our support team knows Salesforce inside out. Reach out and we'll help you get connected.

Contact Support