Connect to REST-based APIs

To connect to any REST-based API, such as REST API, Bulk API 2.0, or Connect API, follow these steps. For testing, use the Salesforce collection for Postman, which handles authorization for you.

Before you complete these steps, create a connected app. See Create a Connected App.

Also, activate OAuth2 settings in the connected app. See Enable OAuth Settings for API Integration.

After you activate the OAuth2 settings for the connected app, copy the Consumer Key and Consumer Secret values for the app. The Consumer Key maps to the client_id value that you use to obtain the authentication token, and the Consumer Secret maps to the client_secret.

Issue a POST request to the /services/oauth2/token endpoint. The body of the request must contain the consumer ID and secret for your Connected App. It must also contain the username and password of your API user.

If your request is accepted, the API returns a 200 response that contains information about the token.

Copy the value of the access_token property.

When you make subsequent calls to REST API or Bulk API 2.0, provide your authentication token as a header using the Bearer token syntax.

An easy way to test your authentication token is to issue a GET call to the /services/data/API_VERSION/limits endpoint.

If your request is successful, the response includes information about the API usage limits that apply to your account.

Authentication tokens expire based on the session policy for your org. When your token expires, issue another POST request to the authentication endpoint to obtain a new token.