Analytics REST API Developer Guide
jNewer Version Available
Analytics REST API Authentication
The following sections introduce authentication and provide the steps you need to follow to set up authorization and connect to Analytics REST API using OAuth.
Understanding Authentication
Before making API calls using the Analytics API, you must authenticate the application user using OAuth 2.0. To do so, you’ll need to do the following:
- Set up your application as a connected app in the Salesforce organization.
- Determine the correct Salesforce OAuth endpoint for your connected app to use.
- Authenticate the connected app user via one of several different OAuth 2.0
authentication flows. An OAuth authentication flow defines a series of steps used to
coordinate the authentication process between your application and Salesforce. Supported
OAuth flows include the following:
- Web server flow, where the server can securely protect the consumer secret.
- User-agent flow, used by applications that cannot securely store the consumer secret.
- Username-password flow, where the application has direct access to user credentials.
Set Up Authorization
Create a connected app in a Salesforce organization and enable OAuth. The client application uses the connected app to connect to Salesforce.
- In your Salesforce organization, from Setup, click Create | Apps , and in the Connected Apps section, click New to create a new connected app.
- Clients can use a connected app to sign in to any organization, even if the connected app isn’t defined in that organization.
- Enter a connected app name.
- Select Enable OAuth Settings.
- Enter a Callback URL. It must be secure: use https:// and not http://.
- Enter an OAuth scope. Select Access and manage your data (api) in addition to any other scope you want your connected app to allow access to.
- Click Save.
- The Consumer Key is created and displayed, and a Consumer Secret is created (click the link to reveal it).
Connect to Analytics REST API Using OAuth
Use OAuth to connect to Salesforce and get an access token. Pass the access token in requests to Analytics API.
This table maps the terms used in the connected app you created to the OAuth properties used in the examples. The OAuth 2.0 specification uses the word “client” instead of “consumer.”
|
Connected App Application Label |
Value in Example |
|---|---|
| Consumer Key | client_id Key |
| Consumer Secret | client_secret |
To make a request to Salesforce, substitute values from your organization into these examples:
- Generate the access token.
This cURL command generates an access token:
1curl --form 2client_id=3MVG9PhR6g6B7ps4xDycwGrI4PvjVZvK9 3 --form client_secret=8870355475032095511 4 --form grant_type=password 5 --form username=admin@seattleapps.com 6 --form password=1Lsfdc! 7https://login.salesforce.com/services/oauth2/tokenThe response includes the server instance and the access token:
1{ 2"id":"https://login.salesforce.com/id/00Di0000000hT9uEAE/005i00000022uIbAAI", 3"issued_at":"1302907727777", 4"instance_url":"https://yourInstance.salesforce.com", 5"signature":"5jcevY5fUai0lWntuSxkwBzWcvRjd01RCOkIBZpyGv0=", 6"access_token":"00DD0000000FJ6T!AQkAQPde_DMF2vGzddfZmBRS95GojDbtA 7 8rKkgukAgZP0OVFYY5KkAqhLw9ejeKIlpJ3FgwGAWeRlBiWRt8mfXEuAZGbZNosk" 9} - To request an Analytics REST API resource, use the returned instance_url as the server
instance. Pass the returned access_token as a Bearer token in the Authorization request
header.
1curl -X GET https://yourInstance.salesforce.com/services/data/v42.0/wave 2 -H 'Authorization: Bearer 00DD0000000FJ6T!AQkAQPde_DMF2vGzddfZmBRS95Goj 3 DbtArKkgukAgZP0OVFYY5KkAqhLw9ejeKIlpJ3FgwGAWeRlBiWRt8mfXEuAZGbZNosk'
|
Property |
Value in Example |
|---|---|
| Server instance | yourInstance.salesforce.com |
| client_id | 3MVG9PhR6g6B7ps4xDycwGrI4PvjVZvK9 |
| client_secret | 8870355475032095511 |
| grant_type | password The value of grant_type depends on the OAuth authentication flow you use |
| username | admin@seattleapps.com |
| password | 1Lsfdc! |