You need to sign in to do that
Don't have an account?
Cheryl Judd
Misbehaving REST API for inbound call using OAuth2
I have a client that is having problems accessing custom SF Rest API.
Login is successful using oauth2 token (services/oauth2/token) with grant_type = password. Attempt to access custom REST API using services/apexrest/myRESTInterface with received access_token & instance_url from login response, results in 403 (error code = MUTUAL_AUTHENTICATION_FAILED) from http POST of REST url.
Also, configured a connectedApp (restricted IPs) & profile for the login user.
Help ! I have checked thousands of settings & have performed a ton of googling. And, yep, not a premier customer either.
Here is some code ==>
1. Login call:
URL==> HTTPS://login.salesforce.com/services/oauth2/token
Payload ==> username=XXXXX%40myCompany.org&password=YYYYYYY&grant_type=password&client_id=ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ&client_secret=NNNNNNNNNNN
2. Custom Rest Call (using access_code & instance_url from login response):
URL==> HTTPS://NA18.SALESFORCE.COM/services/apexrest/myRESTInterface
Header ==> Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-PrettyPrint: 1
Payload ==> {"myPayload":["attribute1"]}
Login is successful using oauth2 token (services/oauth2/token) with grant_type = password. Attempt to access custom REST API using services/apexrest/myRESTInterface with received access_token & instance_url from login response, results in 403 (error code = MUTUAL_AUTHENTICATION_FAILED) from http POST of REST url.
Also, configured a connectedApp (restricted IPs) & profile for the login user.
Help ! I have checked thousands of settings & have performed a ton of googling. And, yep, not a premier customer either.
Here is some code ==>
1. Login call:
URL==> HTTPS://login.salesforce.com/services/oauth2/token
Payload ==> username=XXXXX%40myCompany.org&password=YYYYYYY&grant_type=password&client_id=ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ&client_secret=NNNNNNNNNNN
2. Custom Rest Call (using access_code & instance_url from login response):
URL==> HTTPS://NA18.SALESFORCE.COM/services/apexrest/myRESTInterface
Header ==> Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-PrettyPrint: 1
Payload ==> {"myPayload":["attribute1"]}
[1] https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_rest_methods.htm
[2] http://docs.releasenotes.salesforce.com/en-us/winter14/release-notes/rn_186_forcecom_security_two_way_mutual_auth.htm