User login and authorization
Organizations have several methods of accessing the Salesforce CRM application. Access can be gained from the user interface (using a web browser), the API (for example, using an integrated client application or the Apex Data Loader), a desktop client (for example, Salesforce for Outlook), or from a mobile client application.
Whenever a login attempt is made to Salesforce using any of these methods, the user's login request is authorized by the system using the following sequence of checks:
- Does the user's profile have any login restrictions?
- Does the user's IP address appear within the organization's trusted IP address list?
- Has the user been activated from this IP address before?
- Does the user's web browser have a valid ...