Salesforce is introducing a requirement for all customers to enable Multi-Factor Authentication (MFA) in their Salesforce instances.
Salesforce is exempting logins through the API from having MFA enabled. To ensure that Soapbox can continue to access Salesforce through the API, when you enable MFA in Salesforce, ensure that you disable the Multi-Factor Authentication for API Logins option for the Profile or Permission Set you use to enable MFA for the Salesforce user used by Soapbox.
For further details, you can review their document here:
Salesforce Multi-Factor Authentication FAQ
Policies specific to API users and MFA can be found under under "MFA Requirements for Login Types and Authentication Methods" where API / Integration Logins has its MFA Required? column set to No.
You can also see this further down the page here:
How will Salesforce exclude MFA-exempt user types from auto-enablement and enforcement?
There are several user types, including API/integration, automated testing, and RPA accounts, that aren't required to use MFA. We're currently working on plans for how customers can exclude these types of users from future auto-enablement and enforcement milestones. We'll update this FAQ and your products' documentation when more information is available.
You said that when you tested, one step you did was "entered that user's credentials in to Soapbox". Is there something else we need to do to re-enter any of Jaclyn's info into Soapbox?