Connect REST API Developer Guide

Connect REST API Developer Guide
Introduction
Quick Start
Prerequisites
Step One: Sign up for Salesforce Developer Edition
Step Two: Set Up Authorization
Step Three: Connect to Connect REST API Using OAuth
Connect to Experience Cloud Sites
Work with Features
Examples
Resources
Request Bodies
Response Bodies
Appendices
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Step Three: Connect to Connect REST API Using OAuth

Use OAuth to connect to Salesforce and get an access token. Pass the access token in requests to Connect REST API.

Complete Step Two: Set Up Authorization and create a connected app before starting this task.

This table maps the terms used in the connected app you created to the OAuth properties used in the examples. The OAuth 2.0 specification uses the word “client” instead of “consumer.”
Connected App Application Label Value in Example
Consumer Key client_id
Consumer Secret client_secret

This quick start uses the username-password OAuth authentication flow. The username-password authentication flow passes the user’s credentials back and forth. Use this authentication flow only when necessary, such as in this quick start. No refresh token is issued. In addition, Experience Cloud sites don’t support the username-password authentication flow. In this quick start, don’t make a request to a site URL.

Note

To make a request to Salesforce, substitute values from your organization into these examples.

  1. Generate the access token.
    This cURL command generates an access token.
    1curl -v https://login.salesforce.com/services/oauth2/token -d "grant_type=password" -d "client_id=3MVG9PhR6g6B7ps4xDycwGrI4PvjVZvK9" -d "client_secret=8870355475032095511" -d "username=admin@seattleapps.com" -d "password=test1234mB1riuD3n"
    The response includes the server instance and the access token.
    1{
2"access_token":"00Dd0000000d2Iy!AQgAQLwpOxN4DhZO2qB8PCbD8VU1T35znzeDeCm....",
3"instance_url":"https://instance_name.my.salesforce.com",
4"id":"https://login.salesforce.com/id/00Dd000000XXXXXXX/005d000000XXXXX",
5"token_type":"Bearer",
6"issued_at":"1486507938095",
7"signature":"uEY/R99P/uqgq0GYNQKcvKc9LqICOMf91NvwI2my4eI="
8}
  2. To request a Connect REST API resource, use the returned instance_url as the server instance. Pass the returned access_token as a Bearer token in the Authorization request header. 
    1curl -X GET https://instance_name/services/data/v55.0/chatter/users/me 
2     -H 'Authorization: Bearer 00DD0000000FJ6T!AQkAQPde_DMF2vGzddfZmBRS95Goj
3     DbtArKkgukAgZP0OVFYY5KkAqhLw9ejeKIlpJ3FgwGAWeRlBiWRt8mfXEuAZGbZNosk'
This example uses these values.
Property Value
client_id 3MVG9PhR6g6B7ps4xDycwGrI4PvjVZvK9
client_secret 8870355475032095511
grant_type password

The value of grant_type depends on the OAuth authentication flow you are using.

Append the user’s security token to their password. A security token is an automatically generated key from Salesforce. For example, if a user's password is mypassword, and their security token is XXXXXXXXXX, then the value provided for this parameter must be mypasswordXXXXXXXXXX.
username admin@seattleapps.com
password test1234mB1riuD3n