Step Two: Set Up Authentication

To successfully send requests, REST API requires an access token obtained by authentication. Although you can create and authenticate against your own connected app, these Quick Start examples use Salesforce CLI for convenience. Salesforce CLI is a connected app that you can authenticate, and it requires no work to configure.

Get an Access Token with Salesforce CLI

Use the access token (also known as a “bearer token”) that you get from Salesforce CLI to authenticate cURL requests.

  1. Install or update Salesforce CLI. .
    1. If you already have Salesforce CLI installed, update it using the instructions in Update Salesforce CLI.
    2. If you need to Install Salesforce CLI, install the latest version for your operating system.
    3. Verify Your Installation.
  2. Log in to your Developer org with Salesforce CLI.
    sf org login web
    A browser opens to https://login.salesforce.com.
  3. In the browser, log in to your Developer org with your user’s credentials.
  4. In the browser, click Allow to allow access.
    At the command line, you see a similar confirmation message.
    Successfully authorized juliet.capulet@empathetic-wolf-g5qddtr.com with org ID 00D5fORGIDEXAMPLE
  5. At the command line, get the access token by viewing authentication information about your org.
    sf org display --target-org <username>
    For example:
    sf org display --target-org juliet.capulet@empathetic-wolf-g5qddtr.com
    Example command output:
    === Org Description
    
     KEY             VALUE                                                                                                            
     ─────────────── ──────────────────────────────────────────────────────────────────────────────────────────────────────────────── 
     Access Token    00DE0X0A0M0PeLE!AQcAQH0dMHEXAMPLEzmpkb58urFRkgeBGsxL_QJWwYMfAbUeeG7c1EXAMPLEDUkWe6H34r1AAwOR8B8fLEz6nEXAMPLE
     Api Version     59.0
     Client Id       PlatformCLI
     Created By      jules@sf.com
     Created Date    2023-11-16T20:35:21.000+0000
     Dev Hub Id      jules@sf.com
     Edition         Developer
     Expiration Date 2023-11-23
     Id              00D5fORGIDEXAMPLE
     Instance Url    https://MyDomainName.my.salesforce.com
     Org Name        Dreamhouse
     Signup Username juliet.capulet@empathetic-wolf-g5qddtr.com
     Status          Active
     Username        juliet.capulet@empathetic-wolf-g5qddtr.com
    In the command output, make note of the long Access Token string and the Instance Url string. You need both to make cURL requests.

    To get a new token after your access token expires, repeat this step of viewing your authentication information.

    Note

Optional Salesforce CLI Shortcuts

After you’ve authenticated successfully, try out these optional shortcuts in your cURL workflow to streamline future authentication with the Salesforce CLI.

List My Orgs
sf org list
Lists all the orgs that you’ve created or authenticated to.
Open My Org
sf org open --target-org <username>
Opens the specified org (identified by username or alias) in your browser. Because you’ve successfully authenticated with this org previously using the org login web Salesforce CLI command, it’s not required to provide your credentials again.
Display the Access Token for My Org
sf org display --target-org <username>
Output includes your access token, client ID, connected status, org ID, instance URL, username, and alias, if applicable.

Set an Alias for My Username

For convenience, create an alias for your username so that you don’t have to enter the entire Salesforce string. For example, instead of
juliet.capulet@empathetic-wolf-g5qddtr.com
Create an alias like
dev
To set the alias in this example, run
sf alias set dev juliet.capulet@empathetic-wolf-g5qddtr.com

Use These Commands in a Script

Use the CLI’s JSON output by invoking the --json flag. Requesting JSON output provides a consistent output format, which is ideal for running scripts. Without the --json flag, the CLI can change the output format.

See Also