function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Apex REST Integration Http POST Issue

I am facing an issue while performing Apex REST integration. I am using the following piece of code to expose my Apex method as a REST Service which another entity can post data to. My code is as follows


@RestResource (urlMapping ='/postlead/*')

global class HttpPostHandler{



    global static void handleHttpPost(){


       //Code to create a new record          




Another application would perform an Http Post to my Apex REST URL however it does not involve any code and only allows configuration of parameters required to achieve a successful post to the below mentioned REST URL. I have configured the following attributes on the application that would be performing the Http Post to my Apex REST functionality.


Endpoint URL:  https://< instance>/services/apexrest/postlead


Credentials: Username /Password for my sfdc org


Header Parameters:  None


However when the application performs a Http Post the following error message is returned by SFDC.

[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]

I tried performing a little RnD and also found certain other posts on the Salesforce discussion boards which suggest that we

need to add an OAuth token as a header to the http post request.  My issues are:


  1. How do we get the value of the OAuth token that needs to be passed?
  2. How should it exactly be passed in the Http Header?
  3. Are there any other parameters that are required to be passed in the Http Headers to achieve a successful Http Post? If yes, then what are they, what values should be given for each param and how to pass them?


Please suggest.


1. you'd get an oauth token by going through one of the oauth authentication sequences (see the details on oauth/remote access in the help & training)

2. yes, its passed in the Authorization http header.

3. for POST you'd typically want to set the content-type header as well.


Hi Simon,


   Thanks for the reply. Is there any other way of autheticating the Apex REST call with just the username, pwd and security token? If yes, could you provide directions on how we can implement the same?




Henry AkpalaHenry Akpala

Yes you can use username/password+token but that is just for loging into the sfdc org.  You need to make a login() request and get a sessionId  before making a call to your service.  The person that I making the request to your service needs to do that first and that should return the key that is missing.




Amritesh SinghAmritesh Singh

Can you send me the code pls,i m facing the same problem,I have to create same type of post method for getting xml from external server.


But i am facing same authentication problem.


what changes i have to make in code(same as above) ,so that external server should be able to call my Endurl.


Pls help me


Thanx in advance