Sunday, October 29, 2017

Creating Lightweight Integrations with the Force.com REST API

The REST API provides simple access to Salesforce data and functionality through RESTful endpoints. It uses resource definitions and HTTP verbs in a stateless fashion to communicate with the system.

Salesforce uses the OAuth protocol to allow users of applications to securely access data without having to reveal username and password credentials.

Before making REST API calls, you must authenticate the application user using OAuth 2.0. To do so, you’ll need to:
  • Set up your application as a connected app (that defines your application’s OAuth settings) in the Salesforce organization. When you develop an external application that needs to authenticate with Salesforce, you need to define it as a new connected app within the Salesforce organization that informs Salesforce of this new authentication entry point.
  • Determine the correct Salesforce OAuth endpoint for your connected app to use. OAuth endpoints are the URLs you use to make OAuth authentication requests to Salesforce.
  • Authenticate the connected app user via one of several different OAuth 2.0 authentication flows. An OAuth authentication flow defines a series of steps used to coordinate the authentication process between your application and Salesforce. Supported OAuth flows include:
    • Web server flow, where the server can securely protect the consumer secret.
    • User-agent flow, used by applications that cannot securely store the consumer secret.
    • Username-password flow, where the application has direct access to user credentials.
After successfully authenticating the connected app user with Salesforce, you’ll receive an access token which can be used to make authenticated REST API calls.

I have created a connected app "Sample Connected App". I have enabled OAuth Settings and entered a Callback URL. Depending on the OAuth flow, this is typically the URL that a user’s browser is redirected to, with either the authorization code or token, after successful authentication. The scopes under Selected OAuth Scopes refer to permissions given by the user running the connected app.

The Consumer Key and Consumer Secret are then created; these are used to authenticate your application.

Click on Manage to see additional settings.

I have selected Relax IP Restrictions under IP Relaxation. Now let's go into Postman. I will be posting values, and for that I have to provide data in the payload to get back the token. I will be using form-data as I will be providing a number of values. I have set grant_type to password because I will be using the username-password OAuth authentication flow (which is not ideal in most cases). The value for client_id will be the consumer key.

So this says that we have logged in. Now let's try to get a list of accounts. Create a new request using the instance URL that we received in the response earlier (INSTANCE_URL/services/data/v41.0/sobjects/account) and, for Authorization, send the word Bearer followed by a space and the access_token. Click the Send button, and you will see the response.

Similarly, you can check the responses for the request URLs below:
  • INSTANCE_URL/services/data/v41.0/sobjects/account/describe
  • INSTANCE_URL/services/data/v41.0/sobjects/account/0017F00000I5zDl
  • INSTANCE_URL/services/data/v41.0/query?q=select+name+from+account

You can append .xml or .json to the URI to get back the representation you want. This works in most cases. It does not work for searches; in such cases, add an "Accept" header instead. The default is JSON if you are working with the REST API. Now let's add the Accept header as a standard HTTP header.

You can now remove the Accept header and then append .xml to the URI to get the same response.
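The token request and the authenticated calls made in Postman above, sketched in Python as an added example (not code from the original post). It builds the requests without sending them and validates the token response before a bearer token is attached to anything; the login host `https://login.salesforce.com`, the `/services/oauth2/token` path, the URL-encoded body and the sample response are assumptions or constructed values.

```python
import json
import urllib.parse
import urllib.request

# Assumed values: the standard production login host and the API version used on this page.
LOGIN_HOST = "https://login.salesforce.com"
API_PREFIX = "/services/data/v41.0"


def build_token_request(client_id, client_secret, username, password):
    """POST for the username-password flow; credentials travel in the body, never the URL."""
    form = {
        "grant_type": "password",
        "client_id": client_id,          # consumer key of the connected app
        "client_secret": client_secret,  # consumer secret of the connected app
        "username": username,
        "password": password,
    }
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(LOGIN_HOST + "/services/oauth2/token", data=body, method="POST")


def parse_token_response(raw_json):
    """Return (instance_url, access_token), rejecting error bodies and non-HTTPS instance URLs."""
    doc = json.loads(raw_json)
    if "error" in doc:
        raise ValueError("token request failed: " + doc["error"])
    instance = urllib.parse.urlsplit(doc["instance_url"])
    if instance.scheme != "https" or not instance.hostname:
        raise ValueError("refusing to send a bearer token to " + doc["instance_url"])
    return doc["instance_url"].rstrip("/"), doc["access_token"]


def build_api_request(instance_url, access_token, resource, accept="application/json"):
    """GET with the token in the Authorization header and the representation in Accept."""
    req = urllib.request.Request(instance_url + API_PREFIX + resource, method="GET")
    req.add_header("Authorization", "Bearer " + access_token)
    req.add_header("Accept", accept)
    return req


# Constructed sample of a successful token response (not real credentials).
SAMPLE_RESPONSE = json.dumps({
    "access_token": "00Dxx0000000000!EXAMPLE.TOKEN",
    "instance_url": "https://example.my.salesforce.com",
    "token_type": "Bearer",
})
```

Pass each built request to `urllib.request.urlopen` to send it, and load the consumer secret and password from the environment or a secret store rather than from source code.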
