• #17270
    Salesforce | sushant sushant #235
    Forcetalks

    How is Access Token used with REST API in Salesforce ?

    Hi All,

    How is Access Token used In REST API ?

    Please give suggestions

    Thanks

     

     

    #17823
    Salesforce | Vikas Kumar Vikas Kumar #376
    Forcetalks

    Hi sushant,

    Access token is used for authorization purpose.

    Once authenticated, every request must pass in the access_token value in the header. It cannot be passed as a request parameter.

    go through https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm for detail option

    Hope it may help

    #35252
    Salesforce | shariq shariq #1
    Forcetalks

    Hi,

    The first step in any API-based integration is getting an OAuth access token to authenticate your calls.

    Using the client ID and secret  call the REST Auth service to obtain an OAuth access token for authenticating your API calls. This sample call demonstrates how to POST to that resource to acquire an access token.

    POST https://auth.exacttargetapis.com/v1/requestToken
    Content-Type: application/json
    {
    “clientId”: “YOUR_CLIENT_ID”,
    “clientSecret”: “YOUR_CLIENT_SECRET”
    }

    200 OK
    {
    “accessToken”: “YOUR_ACCESS_TOKEN”
    “expiresIn”: 3600
    }

    The access token is returned in the accessToken property. Specify this access token to authenticate all other REST API calls via the Authorization header field with the Bearer HTTP authorization scheme.

    Refresh an Access Token
    Note the expiresIn property in the HTTP response to the requestToken API call. Access tokens expire one hour after they are issued. If you attempt to use an expired token, you receive a 401 Unauthorized HTTP response. If this happens, refresh your access token by calling requestToken again.

    Follow these considerations when using the API directly and doing your own OAuth token management.

    Do not request a new access token for every API call you make—-each access token is good for an hour and is reusable. Making two API calls for every one operation is inefficient and causes throttling.
    Be careful where you store your client ID and secret. Never expose this information on the client side via JavaScript or store it in a mobile application. Ensure that these credentials are stored securely in your application.

    Hope this helps!

    #36195
    Salesforce | Parul Parul #2
    Forcetalks

    Adding some points:

    Once access token is used for authorization purpose and authenticated, every request must pass in the access_token value in the header. It cannot be passed as a request parameter.

    go through https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm for detail option

    Hope it may helps

Viewing 4 posts - 1 through 4 (of 4 total)

Please to reply to this topic.

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

About Us

Forcetalks is a Salesforce collaboration platform for coders & developers, geeks & nerds, consultants & business heads, admins & architects, managers & marketers and of course the business owners. A community where you can learn from, where you can contribute to. For you. For Salesforce. Read More...

Copyright 2019 Forcetalks. All Right Reserved.

Log in with your credentials

or    

Forgot your details?