Maciej Stasieluk

Access contact photo with HTTP request using oauth access token

I have a valid access token (from oauth login flow) and Contact PhotoUrl value (from a REST API call).

Is there a way to combine these two and construct an HTTP browser request that would actually allow me to fetch the image?

As per documentation, PhotoUrl returns a path to be combined with the URL of a Salesforce instance (which I also have) to generate a URL to request the profile image associated with the contact. Generated URL returns an HTTP redirect (code 302).

Everything works as long as the user is logged into Salesforce in the same browser session. But once the session is out, this generated URL returns a 401 error instead of a 302 redirect. Because I have a valid OAuth access token (obtained out of band), I could pass it with the request to fetch the image.

I found some undocumented property of this PhotoUrl - if you append ?oauth_token=<valid access token> to it you will actually make the redirect and get final image url, e.g. something like https://yourInstance.salesforce.com/profilephoto/005/T

But the browser cannot fetch this image, because the session is still out. A simple https://yourInstance.salesforce.com/profilephoto/005/T?oauth_token=<valid access token> would do the trick, but all query params are stripped during the 302 redirect, and to my knowledge there is no way to get the value after the redirect from the browser.

Does anyone have any idea how the browser could fetch the actual image using the data I mention?
 

Best Answer chosen by Maciej Stasieluk
JLA.ovh
Imagine you get the URL of your photo at this location when authenticated :
https://c.eu1.content.force.com/profilephoto/729D00000009Lfu/T
Your access token is a valid session ID. You can use it in the frontdoor URL to redirect to the image.
Use the "sid" parameter for your session ID and retURL for the target profile picture.
Use your own POD for this special URL, as in the following example:
https://eu1.salesforce.com/secur/frontdoor.jsp?sid=00DD0000000xxxL!AQsxxxUyC.re5OnPBdHXUjeZHxxxjEWDbbXIvF6Hy2nwBRnmC2jIlrag22cdrcRwyGR0jm11AxhsYlijCjCNvixxxK4HA8io&retURL=https://c.eu1.content.force.com/profilephoto/729D00000009Lfu/T
In this example: eu1.salesforce.com is my POD, the sid parameter is hosting an (altered) session ID, and retURL is pointing to my profile picture.
If I copy/paste this in the browser when unauthenticated, I can display the picture (and of course I am then authenticated with the related session).
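
The frontdoor URL from the answer above, built with both parameters percent-encoded and both hosts checked, as an added example that is not part of the original answer or Salesforce's own code. The function names and the host allowlist are assumptions.

```javascript
// Added example. buildFrontdoorUrl, redactSid and ALLOWED_SUFFIXES are
// hypothetical names; the suffix list is an assumption about which hosts
// this client should accept.
const ALLOWED_SUFFIXES = [".salesforce.com", ".force.com"];

function isAllowedHost(hostname) {
  return ALLOWED_SUFFIXES.some((suffix) => hostname.endsWith(suffix));
}

// instanceUrl: your own pod, e.g. "https://eu1.salesforce.com"
// accessToken: OAuth access token (the thread notes it needs the "web" scope)
// photoUrl:    absolute photo URL, or the relative PhotoUrl path from the REST API
function buildFrontdoorUrl(instanceUrl, accessToken, photoUrl) {
  const instance = new URL(instanceUrl);
  if (instance.protocol !== "https:" || !isAllowedHost(instance.hostname)) {
    throw new Error("instance URL must be https on an allowed host");
  }
  // A relative PhotoUrl resolves against the instance; absolute URLs pass through.
  const target = new URL(photoUrl, instance);
  if (target.protocol !== "https:" || !isAllowedHost(target.hostname)) {
    throw new Error("retURL must be https on an allowed host");
  }
  const frontdoor = new URL("/secur/frontdoor.jsp", instance);
  // URLSearchParams percent-encodes "!", ":" and "/", so neither value
  // can terminate or extend the query string.
  frontdoor.search = new URLSearchParams({
    sid: accessToken,
    retURL: target.href,
  }).toString();
  return frontdoor.href;
}

// The sid is a live session credential: mask it before the URL is logged.
function redactSid(url) {
  const parsed = new URL(url);
  if (parsed.searchParams.has("sid")) {
    parsed.searchParams.set("sid", "REDACTED");
  }
  return parsed.href;
}
```

Because the token travels in the query string, the resulting URL should be treated like the token itself and passed through `redactSid` before it is written anywhere persistent.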

 

All Answers

Maciej Stasieluk
It's working like a charm, thank you!

Just want to add for anybody that will stumble upon this in the future: for this to work your access token must have "web" scope.
Ajay choudhary
Hey! I am trying the same thing, but the page is reloading again and again and asking for login.
I tried in PowerShell, and when I download the image it contains useless HTML code. Can you help me with it?