Generate the Access Token

Generate an access token for customers to use as the bearer token to make requests to the Interaction Service APIs. You must use a signed JSON Web Token (JWT) to generate the access token.

Get the consumer key of the Interaction Service connected app.

  1. From Setup, in the Quick Find box, enter App Manager, and then select App Manager.
  2. From the dropdown list to the right of the connected app you created in Create the Interaction Service Connected App, select View.
  3. Click Manage Consumer Details.
  4. Verify your identity with the verification code sent to the email address of your Salesforce account.
  5. Copy the consumer key.

Using your preferred method, such as JWT.io, generate a signed JWT.

  1. For the header, set the alg header parameter to the RSA256 hash algorithm.

  2. For the payload, set these JWT claims:

    • iss: The consumer key of the connected app you created.
    • sub: The username of the Salesforce user account.
    • aud: The login URL for the Salesforce org.
    • exp: The expiry date and time for the token, measured in milliseconds since the Unix epoch.
  3. For the signature, add the contents of your public and private keys in PEM format, making sure to include the respective headers and footers. You can find the public key in the server.crt file and the private key in the server.key file.

Use the cURL command to create an access token, where JWT is the signed JWT you generated, and OAUTH_AUTH_ENDPOINT with the OAuth authorization endpoint, such as https://login.salesforce.com/services/oauth2/token.

Instead of using login.salesforce.com, you can also use the My Domain, Experience Cloud site, or test.salesforce.com (sandbox) domain in these endpoints. For hostname, use the My Domain, Experience Cloud site, or custom URL. All endpoints require secure HTTP (HTTPS).

The resulting token has the format {orgId}!{token}. Share this token with your customers to use as the bearer token to make requests to the Interaction Service APIs.

See Also