Newer Version Available
Headless Login: Send a Token Request
After you send the authorization request and get a code, exchange the code for an access
token.
| Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience |
| Available in: Enterprise, Unlimited, and Developer Editions |
-
From the Headless Identity API Demo folder in Postman, select Username Password
Login - Token Exchange.
Note the location of the POST request. It’s the /services/oauth2/token endpoint on your Experience Cloud site.
-
To see the request body, click Body. The token request for headless
login includes these parameters.
- code—The authorization code from Salesforce.
- grant_type—Defines the OAuth 2.0 grant type. Because the OAuth 2.0 authorization code grant type is the foundation of this flow, this parameter is set to authorization_code.
- client_id—The connected app consumer key.
- redirect_uri—The connected app callback URL, which points to the OAuth 2.0 echo endpoint.
- For the code, enter the authorization code that you received in your response from the previous step.
-
To send the request to the token endpoint, click Send.
Salesforce validates the token request and returns a response to your app. The response contains an access token that can be used to access Salesforce APIs and other identifying parameters. Here’s an example access token response in Postman.
1{ 2 "access_token": "00DR**********", 3 "sfdc_community_url": "https://MyExperienceCloudSite.my.site.com", 4 "sfdc_community_id": "0DBXXXXXXXXXXXXXXXX", 5 "signature": "CPk2JprUcxOmRHND71gJFn+SxyKe7jWqA1rQnFz9zZg=", 6 "token_format": "opaque", 7 "scope": "openid api", 8 "id_token": "eyJr**************", 9 "instance_url": "https://yourInstance.salesforce.com", 10 "id": "https://yourInstance.salesforce.com/id/00Dxxxxxxxxxxxx/005xxxxxxxxxxxx", 11 "token_type": "Bearer", 12 "issued_at": "1667600739962" 13}