No more soap

You have seen an email from Salesforce that spoke about deprecating SOAP API logins in the Summer ’27 release.

This functionality allowed external systems to log in to SF using the SOAP API. Although not as popular as REST API (or other forms of authentication), SOAP is robust.

To see which systems use SOAP API:

1. Go to Setup > Security > Event Monitoring > Event Monitoring Settings, and enable Generate event log files
2. Wait at least 24 hours
3. Go to Setup > Security > Event Monitoring > Event Log File Browser, and download the ApiTotalUsage log
4. Open the .csv in Excel and review columns F and G (API_FAMILY and API_VERSION, respectively)
5. Look for API_FAMILY = “SOAP” and API_VERSION < 64
6. For those entries, look at column I (CLIENT_NAME) to see which entity needs upgrading

The takeaway
As part of its draconian approach to improved security, Salesforce will soon retire SOAP API login() in all API versions.