+ Start a Discussion

REST API Access gives INVALID_SESSION_ID as a result



I know there are several posts on this subject, but none of them have solved my problem. I have successfully completed the OAUTH2 workflow and gotten an Access Token and Instance URL from the OAuth2 Redirect. I then save these two and now am trying to access data using curl, as shown below.


$ curl 'https://na9.salesforce.com/services/data/v20.0/' -H 'Authorization: Bearer access_token
I get the following as the response:
[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]
The following works fine:

I have reviewed the following posts:


One of them mentions I need to send an email to Alex to enable API Remote Access - is that still needed?
Note that the Access Token is correct and is fresh (only 10 minutes old). Instance_url is also correct.

Below is the log of the curl, indicating 401 Unauthorized as the cause.


* About to connect() to na9.salesforce.com port 443 (#0)
* Trying connected
* Connected to na9.salesforce.com ( port 443 (#0)
* successfully set certificate verify locations:
* CAfile: C:\dev\tools\Git\bin\curl-ca-bundle.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-MD5
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Salesforce.com, Inc.; OU=Applications; CN=na9.salesforce.com
* start date: 2010-12-16 00:00:00 GMT
* expire date: 2012-12-15 23:59:59 GMT
* common name: na9.salesforce.com (matched)
* issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 International Server CA - G3
* SSL certificate verify ok.
> GET /services/data/v20.0/ HTTP/1.1
> User-Agent: curl/7.21.1 (i686-pc-mingw32) libcurl/7.21.1 OpenSSL/0.9.8r zlib/1.2.3
> Host: na9.salesforce.com
> Accept: */*
> Authorization: Bearer 00DE0000000axkl!ARsAQBSw.MrOzpseWu7W0WfC_Ulg6sDkDc58lf7PY0G6rsnotqouGEGhb5gAfyVznD.k9PWOG5LVYtLAFQp0Rq7hAxQvnDwy
< HTTP/1.1 401 Unauthorized
< Server:
< WWW-Authenticate: Token
< Content-Type: application/json; charset=UTF-8
< Transfer-Encoding: chunked
< Date: Sun, 05 Aug 2012 23:47:56 GMT
* Connection #0 to host na9.salesforce.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):



Hi Clarius,


Try this request:


curl -X GET https://ap1.salesforce.com/services/data/v23.0/ -H "Authorization: OAuth AccessToken" -H "X-PrettyPrint:1"


I can sent this request successful and can get the response from Salesforce.

BTW, I use Windows CMD to run curl command.


Thank you!