function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Michael DsozaMichael Dsoza 

OAuth implementation in Salesforce


I want to implment OAuth security in salesforce and for that I have created connected app and I am able to access data from third party application by using Bearer token (generated by using client id and client secret).  but i have following doubts as,

1) When we create connected app then is it available/mandotary for all services to authorize oAuth connected app ??
2) Can we restrict oAuth for some/limited services like lead, case services only ?

please help me to solve it.

Thanks :)

Here are the answers as per my information :-

1.) Yes,it is mandatory for all the services using the connceted app to authorize the connected app.

2.) Access is controlled by the oAuth scope which you will select while creating app.There are quite a few options available to select.Go through the below link to learn more about the options :-

If this helps,please mark it as best answer to help others :)
Michael DsozaMichael Dsoza
HI Vinit,

Thanks for your reply :)

I would like to know, How can I test oAuth with REST services ???
Before I use workbench, it gets authenticated as well as authorized. 

I tried using soap ui tool, and I am able to access salesforce by using accessToken (client id, client secret, username, password and grant_type) but I would like to test the same service without oAuth and I want to check whether it allows me or not.

If I dont create connected App for oAuth and I want to access rest services then how can I access it ???

Thanks :) 

You need to make HTTP Request using HTTP request class to test your REST services.You will need some Rest tool like Rest Client,Fiddler,etc.  instead of SOAP UI for the same.

Go through the below link to lear more about HTTP Request class :-

Hope this helps !!
Michael DsozaMichael Dsoza
Hi Vinit,

Sorry to say but still I am confuse in understanding connected app working for oAuth.

For making my query simple,

1) How can I create Lead in salesforce through rest service using SOAP UI tool, if connected app is not created (Basic Authentication)??
Rest Service URI -
JSON POST Data - {
    "LastName" : "lastNmae",
    "Company" : "TCS"

2) I want to use oAuth only for rest service request uri as and If any other rest request arrives then it should be allowed with basic authentication. So please let me know how can i achieve this ???

Thanks alot for giving your valuable time to help me :)
Let me answer one by one :-

1.) SOAP UI is a SOAP based tool for REST API you should be using REST based tool like Fiddler or Rest Client.

2.) for your 2nd question go through my answer at below post .

Hope this helps !!
Michael DsozaMichael Dsoza
Hi Vinit,

I tried the to send HTTP request with rest client but getting the same response.User-added image

Is it must to authorize with oAuth while using rest service ?

Thanks :)
OAuth is a 2 Step process :-

1.) Authorize the request for the first time and get the authorization token.

2.) Once you have Authorization token use it in your subsequesnt request (Like,GET,PUT,PATCH.etc.)

Hope this helps !!
Michael DsozaMichael Dsoza
Hi Vinit,

I want to invoke above rest service from rest client WITHOUT using oAuth.

when I hit that url the Lead metadata information shold be display as it appears in workbench.

Can you please tell me, then also it will two step process,

1) get the session id (if yes then how to get  session id means URI to get session id)
2) use the session id to invoke service 

Thanks :)