Set Up Authentication with OAuth 2.0
Setting up OAuth 2.0 requires some configuration in the user interface and in other locations. If any of the steps are unfamiliar, you can consult the Force.com REST API Developer Guide or OAuth 2.0 documentation.
The sample Java code in this chapter uses the Apache HttpClient library, which can be downloaded from http://hc.apache.org/httpcomponents-client-ga/.
- In Salesforce Classic, from Setup, enter Apps in the Quick Find box, then select Apps. Or in Lightning Experience, enter App in the Quick Find box, then select App Manager. Click New in the Connected Apps related list to create a new connected app.
The Callback URL you supply here is the same as your Web application's callback URL. Usually it’s a servlet if you work with Java. It must be secure: http:// doesn’t work, only https://. For development environments, the callback URL is similar to https://my-website/_callback. When you click Save, the Consumer Key is created and displayed, and a Consumer Secret is created (click the link to reveal it).
The values here correspond to the following values in the sample code in the rest of this procedure:
- client_id is the Consumer Key
- client_secret is the Consumer Secret
- redirect_uri is the Callback URL.
An additional value you must specify is the grant_type. For OAuth 2.0 callbacks, the value is authorization_code as shown in the sample. For more information about these parameters, see https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com.
If the values of client_id (or consumer key) and client_secret (or consumer secret) are valid, Salesforce sends a callback to the URI specified in redirect_uri that contains a value for access_token.
- From your Java or other client application, make a request to the authentication URL that passes in grant_type, client_id, client_secret, username, and password. For example:
Example
This example gets the session ID (authenticates), and then follows a resource, https://instance.salesforce.com/id/00Dxxxxxxxxxxxx/005xxxxxxxxxxxx, contained in the first response to get more information about the user.
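The following is an added example, not the guide's own Java sample: a Python sketch of the request in the second step and of checking the first response before following the identity resource. The token URL, the grant_type value of password, the response field names, and the domain check are assumptions not stated on this page, and the sample response is constructed.

```python
import json
from urllib.parse import urlencode, urlsplit

# Assumption: the standard Salesforce token endpoint; the page does not give it.
TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"


def build_token_request(client_id, client_secret, username, password):
    """Return (url, headers, body) for the authentication POST.

    Credentials go in the form-encoded body, not the query string, and
    urlencode() escapes characters such as '&' or '+' in a password.
    """
    form = {
        "grant_type": "password",  # assumption: username-password grant
        "client_id": client_id,          # Consumer Key
        "client_secret": client_secret,  # Consumer Secret
        "username": username,
        "password": password,
    }
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return TOKEN_URL, headers, urlencode(form)


def identity_url(response_text, allowed_suffix=".salesforce.com"):
    """Parse the first response and return (access_token, id_url).

    The id URL is followed with the access token attached, so it is
    accepted only if it is https and on the expected domain.
    """
    data = json.loads(response_text)
    if "error" in data:
        raise ValueError("token request failed: %s" % data["error"])
    parts = urlsplit(data["id"])
    host = parts.hostname or ""
    if parts.scheme != "https" or not host.endswith(allowed_suffix):
        raise ValueError("refusing to follow id URL: %r" % data["id"])
    return data["access_token"], data["id"]


# Constructed sample response with placeholder values (not real output).
SAMPLE_RESPONSE = json.dumps({
    "id": "https://instance.salesforce.com/id/00Dxxxxxxxxxxxx/005xxxxxxxxxxxx",
    "access_token": "SAMPLE_TOKEN",
})
```
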