User Interface API Developer Guide

Get Started with User Interface API
User Interface API Quick Start
User Interface API Sample Apps
Supported Objects
Authentication, Versioning, Limits, ETag, and More
Use CORS to Access Salesforce Resources from Web Browsers
Status Codes and Error Responses
User Interface API Features
User Interface API Resources
User Interface API Request Bodies
User Interface API Response Bodies
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Authentication, Versioning, Limits, ETag, and More

Learn the high-level facts about how to use User Interface API. How do you authenticate? How is the API versioned? What are the rate limits? All the information you need, available at a glance.
Authentication
Like other Salesforce REST APIs, User Interface API uses OAuth 2.0. To specify OAuth settings, create a connected app in Salesforce. You can specify the api or full OAuth scopes.
Versioning
User Interface API is versioned. Specify the API version number in each request. 
1GET https://{your_salesforce_instance}.salesforce.com/services/data/v42.0/ui-api
Limits
The User Interface API uses the Salesforce API limits. When you exceed the rate limit, all User Interface API resources return a 503 Service Unavailable error code.
Case Sensitivity
When writing a User Interface API client, assume case sensitivity. Some parts of the API aren’t case-sensitive, but some are, so it’s best to assume case sensitivity.
HTTP Caching with ETag
To reduce network traffic and increase your app’s response time, make conditional HTTP requests that take advantage of browser caching. If the browser cache holds the latest version of a representation, the web server returns only HTTP headers.
To take advantage of caching, User Interface API responses include an ETag header field. The ETag (or Entity Tag) contains a hash that identifies a representation: ETag: "b9a5cd4fbfcf1b65b03d95a4d9ffa8f4--gzip". When a representation changes, the web server generates a new ETag. 
1GET /ui-api/object-info/account
2
3HTTP/1.1 200 OK
4Date: Tue, 07 Nov 2017 04:27:43 GMT
5Strict-Transport-Security: max-age=31536000; includeSubDomains
6X-Content-Type-Options: nosniff
7X-XSS-Protection: 1; mode=block
8Content-Security-Policy: upgrade-insecure-requests 
9X-Robots-Tag: none
10Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
11Set-Cookie: BrowserId=GHrCS0saRl64DgVv-NrLjA;Path=/;Domain=.salesforce.com;Expires=Sat, 06-Jan-2018 04:27:45 GMT;Max-Age=5184000
12Expires: Thu, 01 Jan 1970 00:00:00 GMT
13ETag: "b9a5cd4fbfcf1b65b03d95a4d9ffa8f4--gzip"
14Content-Type: application/json;charset=UTF-8
15Vary: Accept-Encoding
16Content-Encoding: gzip
17Transfer-Encoding: chunked
18
19
20{
21  "apiName" : "Account",
22  "childRelationships" : [ {
23    "childObjectApiName" : "Account",
24    "fieldName" : "ParentId",
25    "junctionIdListNames" : [ ],
26    "junctionReferenceTo" : [ ],
27    "relationshipName" : "ChildAccounts"
28    ... response shortened ...
29    ]}
30    ...
31}
The client saves the ETag and sends it in a header in subsequent requests for the resource: If-None-Match: “b9a5cd4fbfcf1b65b03d95a4d9ffa8f4”. The web server compares this ETag value with the ETag value of the current version of the representation. If the values are the same, the browser cache holds the latest version and the web server returns an HTTP status of 304 Not Modified.