function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
janak.kapadiajanak.kapadia 

Problems after authorization "Invalid Session ID" REST Api

I am using cUrl to test out the REST api. I am not using OAuth  to get the token. I am using the

curl https://test.salesforce.com/services/Soap/c/23.0/xxxxxxxxxx-H "Content-Type: text/xml; charset=UTF-8" -H "SOAPAction: login" -d @login.txt

 

to get the session id.

 

Then I am trying to use the session id as mentioned in the REST Api quick start guide. Though I am kind of confused what url I should be using to request Resources?

 

Thanks,

Janak.

Best Answer chosen by Admin (Salesforce Developers) 
janak.kapadiajanak.kapadia

Ok got it if I do this.

 

curl -v  https://cs4.salesforce.com/services/data/v23.0/ -H 'Authorization: OAuth [TOKEN]' -H "X-PrettyPrint:1"

 

Note the single quotes around Authorization. That way I don't need to escape "!".

 

All Answers

joshbirkjoshbirk

If you're just doing some local development, you could also use the username and password to get a working session ID.  Not sure if you're using OSX or not, but this is the Bash script I use with textmate:

 

json=$(curl -d "grant_type=password&client_id=${consumerkey}&client_secret=${privatekey}&username=${username}&password=${password}" https://login.salesforce.com/services/oauth2/token)

IFS=':' read -ra data <<< "$json"
session1=${data[7]}
session0=${session1:1}
session=${session0/\"\}/}

And then to get an object describe, for instance:

data=$(curl -s https://${pod}.salesforce.com/services/data/v20.0/sobjects/${TM_SELECTED_TEXT}/describe -H "Authorization: OAuth ${session}" -H "X-PrettyPrint:1")
echo $data

 

 Where "TM_SELECTED_TEXT" would be the object name itself.  Does that help?
janak.kapadiajanak.kapadia

Sorry I was not clear before.

I don't want to use OAuth. I want to grab the session id using the soap api and then use that.

 

But what I can't figure out is what should be the instance name that I use? Because if I use the instance name that is returned in the soap response I get an error "Invalid_session_id".

 

For example

 

curl -v https://cs4-api.salesforce.com/services/data/v23.0 -H "Authorization: OAuth <SESSION ID THAT IS RETURNED>"

 

"cs4-api.salesforce.com " is returned within <serverUrl> tags.

 

I still get the Invalid Session Id error.

 

Help please. I have spent way too much time on this.

 

Thanks,

Janak.
joshbirkjoshbirk

Does it work sans the "-api" in the url?  Just https://cs4.salesforce.com?

 

Don't know if it would help, but when I used the SOAP login to tinker with curl/REST, I hijacked the PHP toolkit.  A la:

require_once('soapclient/SforcePartnerClient.php');
$fr = fopen("php://stdin", "r");
  while (!feof ($fr)) {
    $input .= fgets($fr);
  }
  fclose($fr);

$params = split(":", trim($input));
$client = new SforcePartnerClient();
$client->createConnection('soapclient/partner.wsdl.xml');
$loginResult = $client->login($params[0],$params[1]);
print $client->getSessionId();

 I have that saved as a php file and then use this:

session=$(echo  ${username}:${password} | php -q ./loginasme.php)

And that token I could use with the same callout in the post before.  My instance url was "https://na8.salesforce.com"...
janak.kapadiajanak.kapadia

No it does not work without "-api".

 

Do I need to do the following step even if I am not using OAuth?

Setup | Develop | Remote Access, and click New to create a new remote access application 

 

Thanks,

Janak.
joshbirkjoshbirk

No, I don't believe so.  Consumer/Private key is needed for OAuth to confirm the permissions.  The REST API itself just need the token for the Authorization header.
joshbirkjoshbirk

What does the curl callout you use with the session look like?
janak.kapadiajanak.kapadia

curl https://cs4.salesforce.com/services/data/v23.0/ -H "Authorization: OAuth [TOKEN}" -H "X-PrettyPrint:1"

 

I am using this doc http://www.salesforce.com/us/developer/docs/api_rest/index_Left.htm#StartTopic=Content/quickstart.htm
joshbirkjoshbirk

That token is escaping out the "!", which isn't needed.  Worked when I removed that \.

 

I'd recommend editing your post to remove the token too, since it's valid now...

 

[update] Used admin powers to do so...
janak.kapadiajanak.kapadia

I am on ubuntu and I need to escape "!" with a "\" otherwise the command won't execute.

How are you executing the command?

Also the documentation link that I provided in the above post also says to escape the "!" with "\".

 

Thanks,

Janak.
janak.kapadiajanak.kapadia

Ok got it if I do this.

 

curl -v  https://cs4.salesforce.com/services/data/v23.0/ -H 'Authorization: OAuth [TOKEN]' -H "X-PrettyPrint:1"

 

Note the single quotes around Authorization. That way I don't need to escape "!".

 

This was selected as the best answer
joshbirkjoshbirk

Yup, that's the ticket.  
janak.kapadiajanak.kapadia

It would be great if you could get someone to update the documentation. Because the other API's (bulk API) does not have a problem when the "!" is escaped with "\" in the session id. It is just the REST API that has a problem with it.
joshbirkjoshbirk

Yeah, I see the reference in the docs around.  I'll knock on some doors and see if we can get that updated pronto.
janak.kapadiajanak.kapadia

One more questions can I create multiple records through the json format in REST API?
joshbirkjoshbirk

Not via the normal insert endpoint.  You could look at an Apex REST endpoint, or for large sets the bulk API is recommended.
Esha Sharma 3Esha Sharma 3
Hi Janak,

I also have session_ID from SOAP login would like to use the same session and upload file using Attachment API. Below is what I do and it is throwing Bad Request. Can you point out what is missing:

          builder = new PostMethod("https://gus.salesforce.com/services/data/v20.0/sobjects/Attachment/");
         builder.setRequestHeader("Authorization","OAuth " + lr.getSessionId()); 
         httpclient.executeMethod(builder);
        System.out.println(builder.getStatusText());   <<Bad Request
sandeep teerthsandeep teerth
Hi team, I have subscribed for developer account in Salesforce. Now I want to do some API calls to Salesforce. So as prerequisite I have created a connected app called Mule in sales force and I have enabled OAuth in it. API is enabled for my profile. 

As mentioned in the link ( https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm ) I am trying to get SessionID. I am using below link command.

curl https://login.salesforce.com/services/oauth2/token -d "grant_type=password" -d "client_id=******" -d "client_secret=*****" -d "username=mylogin@salesforce.com" -d "password=mypassword123456"

I got error {"error":"invalid_grant","error_description":"authentication failure"}

I tried same from postman using POST method, gave userid and password

https://login.salesforce.com/services/oauth2/token?grant_type=password&client_id=3MVG9YDQS5WtC11opKfz4w0XYTmO4dfE9Bwx4Ao7fy5fMPAuZfRBQFIIkUv78ln8gZ.bw3W2GicyQLnZyVu1I&client_secret=4284160506975427817

RESPONSE:
{
  "error": "invalid_grant",
  "error_description": "authentication failure"
}

can some one please help ?