The REST API is a powerful web service API that allows you to interact with Force.com. Its advantages include ease of integration and development, and it’s an excellent choice of technology for use with mobile applications and Web 2.0 projects.

This article will guide you through the process of creating a simple jQuery application that connects to the REST API and allows you to create records in your salesforce organization directly from an external website. The same process could be used to create a mobile application for your sales reps, or integrating a backend system with salesforce to sync data.

Requirements

  • A salesforce developer edition
  • A web server that runs on HTTPS and that is accessible to the Internet. This is necessary to host the HTML files.

Step 1. Creating a Connected App

Because we are creating a new application that will connect to salesforce, a Connected App is needed to  make salesforce aware of this application.

  1. Go to Setup | Create | Apps and click New under Connected Apps.
  2. Specify the Name and API Name.
  3. Select Enable OAuth Settings.
  4. Under Callback URL specify the URL of the web page that we’ll use to create account records.
  5. Move all the available OAuth scopes to the Selected box under Selected OAuth Scopes.
  6. Click Save.

You should now have a Consumer Key and Consumer Secret, keep these values handy.

Step 2. Choosing the correct Authentication flow

The first step in connecting to the REST API is to authenticate the user and get a valid access token (session Id) that can be used in subsequent calls to the API.

Depending on the type of application you are creating, the authentication flow will be different. In this case, we’ll use the User-Agent OAuth Flow because our application runs in the client side (the user’s browser).

At a basic level, the flow is as follows:

  1. The application redirects the user to the authorization endpoint passing the required parameters, i.e response_type, client_id and redirect_uri.
  2. The user logs in with their salesforce credentials.
  3. The authorization endpoint redirects the user to the redirect URL (this is the web page you specified in the Connected App) and appends the access token (session Id) to the URL.
  4. You can then use this access token to make calls to the API.

Step 3. Create the initial html page

Create an HTML page called ConnectRESTAPI.html.  This page has a button that allows the user to connect to the REST API. Note this is not the same page that we configured as the callback URL, we will work on that one on the next step.

");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"96ZND-LJLSH-JXHC9-F8GQP-6WCGS";var o=document.currentScript||document.getElementsByTagName("script")[0],i=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!i)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),o.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="3be5rnyxibyeu2rv4w7a-f-b91a9d5d2-clientnsv4-s.akamaihd.net",o="false"=="true"?2:1,i={"ak.v":"41","ak.cp":"1836958","ak.ai":parseInt("1224868",10),"ak.ol":"0","ak.cr":9,"ak.ipv":4,"ak.proto":"h2","ak.rid":"a5e2bbb8","ak.r":42169,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.cport":45754,"ak.gh":"23.52.43.87","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"","ak.t":"1781917118","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==R95ZdEs1PUJO4zpgY/wu7IKv/P9v1Abkjhd1i741XOpLrFOhTMh1kkoKKz0I4BRvX+g/N0wY7cUx7iDkLGI8XCRRkmPji4C9/4EXeL9ZMI5vJ3mbtFgctjDd9DvVXhSIgO5LCmoQjTD9cZYII4XKMaoHCIfRVZwKwAX5q9aGHtFBFafbWO1lvO9otDvd8v5/ODkjVQhUuzZv+8WVJSSTrAHDLMBJu68xvSQRsUAJrP1uFSs8eIl+UcQfLr2pvaECJ1gnKfwOB5dRBQs9slrAiGKB3Y3NCVLOH4jmI0VhGAMoWIG1rGTc22A9gofGHnT7AinIDsyG+f3SJ3e9gf1xCf/t+ECU3KJaGqTrrhuJpWTeCnWifM3ZDptd+x1TnfH0FM9++6n2phcyxqBdErCw8fo5yzj7r90TPwgUf3j22yM=","ak.pv":"94","ak.dpoabenc":"","ak.tf":o};if(""!==t)i["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))i["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(i)},rv:function(){var e=["ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:i,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);

REST API With Javascript

">

Step 4. Create the page used as the callback URL

Create an HTML page called UseRESTAPI.HTML. This is the page that we configured as the callback URL and will also be the main page from where we will make API calls.

");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"96ZND-LJLSH-JXHC9-F8GQP-6WCGS";var o=document.currentScript||document.getElementsByTagName("script")[0],i=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!i)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),o.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="3be5rnyxibyeu2rv4w7a-f-b91a9d5d2-clientnsv4-s.akamaihd.net",o="false"=="true"?2:1,i={"ak.v":"41","ak.cp":"1836958","ak.ai":parseInt("1224868",10),"ak.ol":"0","ak.cr":9,"ak.ipv":4,"ak.proto":"h2","ak.rid":"a5e2bbb8","ak.r":42169,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.cport":45754,"ak.gh":"23.52.43.87","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"","ak.t":"1781917118","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==R95ZdEs1PUJO4zpgY/wu7IKv/P9v1Abkjhd1i741XOpLrFOhTMh1kkoKKz0I4BRvX+g/N0wY7cUx7iDkLGI8XCRRkmPji4C9/4EXeL9ZMI5vJ3mbtFgctjDd9DvVXhSIgO5LCmoQjTD9cZYII4XKMaoHCIfRVZwKwAX5q9aGHtFBFafbWO1lvO9otDvd8v5/ODkjVQhUuzZv+8WVJSSTrAHDLMBJu68xvSQRsUAJrP1uFSs8eIl+UcQfLr2pvaECJ1gnKfwOB5dRBQs9slrAiGKB3Y3NCVLOH4jmI0VhGAMoWIG1rGTc22A9gofGHnT7AinIDsyG+f3SJ3e9gf1xCf/t+ECU3KJaGqTrrhuJpWTeCnWifM3ZDptd+x1TnfH0FM9++6n2phcyxqBdErCw8fo5yzj7r90TPwgUf3j22yM=","ak.pv":"94","ak.dpoabenc":"","ak.tf":o};if(""!==t)i["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))i["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(i)},rv:function(){var e=["ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:i,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);

REST API With Javascript

Create Account Record



">

Step 5. Whitelist your domain

Because your page is on a different domain that your salesforce organization, we need to whitelist it to allow javascript callouts to access resources from your organization.

  1.  Go to Setup | Security Controls | CORS.
  2. Add your domain to the list of Whitelisted Origins.

Test your application

  1. Load the initial HTML page and click the “Connect to the REST API” button.
  2. You will be asked to log into your org and to grant permission to the application.
  3. You will then be redirected to the main HTML page.
  4. Add a name to the “Name” field and click submit, if everything works fine you should see something like this:

SuccesScreen.png

The complete code for this example can be found at https://github.com/pgonzaleznetwork/SFDC-Projects

What next?

You should now have the basic knowledge to start creating applications with the REST API. This example focused on creating applications on the client side, but you can also create applications on a server using a server side code like Java or PHP. Check out the Force.com REST API Developer’s Guide to learn more.

About the Author

Pablo Gonzalez is a member of the Mission Critical Support team which provides the highest level of support to enterprise Salesforce customers. They also assist developers to troubleshoot their integration with salesforce.com APIs, Apex, Visualforce and implementation of other salesforce.com developer products.