Wednesday, 21 June 2017

Test Salesforce API by Postman Rest Client | Postman and Salesforce | Calling APEX Rest service using Postman| OAuth 2.0


Force.com platform support powerful web services API for interaction with external app and salesforce.com . For secured interaction with third party app, Salesforce enforces authentication process.


Above image is picked from here.

If you want to configure the same the help of recording. Click here for recording.

Step 1) Connected App for OAuth

To perform OAuth in salesforce, you must create Connected App in salesforce

Follow below step to create connected App.

1) Click on Setup->Create->App


2) Then from above screen click on Connect Apps then New button. Then add all required information like below



 3) Now After creating connected App we have consumer key and consumer secret



Step 2) Create a REST API in salesforce.

Please check below post for REST API
1) Learn Rest API in salesforce | How to learn Rest API | Rest API in salesforce
2) Rest API in Salesforce | Execute Rest API on workbench | Test class for Rest API

Sample code to Start


@RestResource(urlMapping='/api/Account/*')
global with sharing class MyFirstRestAPIClass
{
@HttpGet
global static Account doGet()
{
RestRequest req = RestContext.request;
RestResponse res = RestContext.response;
String AccNumber = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);
Account result = [SELECT Id, Name, Phone, Website FROM Account WHERE AccountNumber = :AccNumber ];
return result;
}

@HttpDelete
global static void doDelete()
{
RestRequest req = RestContext.request;
RestResponse res = RestContext.response;
String AccNumber = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);
Account result = [SELECT Id, Name, Phone, Website FROM Account WHERE AccountNumber = :AccNumber ];
delete result;
}

@HttpPost
global static String doPost(String name,String phone,String AccountNumber )
{
Account acc = new Account();
acc.name= name;
acc.phone=phone;
acc.AccountNumber =AccountNumber ;
insert acc;

return acc.id;
}

}

Step 3) Get Access Token by POSTMAN

  3.1) Install the postman from here.

  Download URL :- https://www.getpostman.com/

  3.2) Generate URL

  OAuth Endpoints in Salesforce
  Authorization
: https://login.salesforce.com/services/oauth2/authorize
  Token Request: https://login.salesforce.com/services/oauth2/token




  There are two way to get Access token
  1) By Post Callout (Direct URL)
  2) By OAuth Setting in POSTMAN (Wizard one)

  3.2.1:- By Post Callout (Direct URL)

  Use below link to Generate the Token for accessing SFDC

https://na50.salesforce.com/services/oauth2/token?grant_type=password&client_id=***Consumer Key_Here***&client_secret=***Consumer Secret_Here***&username=*********&password=*****password+securityToken******






NOTE:-   May be After try to login you will get below error "Failed: Not approved for access"



     Please check below post to resolve this issue
    1) https://help.salesforce.com/articleView?id=000212208&language=en_US&type=1
    2) http://amitsalesforce.blogspot.com/2017/06/failed-not-approved-for-access-in.html
  

  Finally We have Access Token

  3.2.2:- By OAuth Setting in POSTMAN (Wizard one)

  •   Select Type OAuth 2.0

  • Then click on  "Get Access Token". Then provide all below detail.

  • Then click on Request Token button. Then it will ask you to enter userName and password.


  • Here we have Access Token
  


Step 4) Test APEX REST API. 

Now Copy the Access Token from above Screen. Add below detail to make get call



a.       End point URL: https://na50.salesforce.com/services/apexrest/api/Account/12345
b.      Select method as ‘GET
c.       Put the details in header as below:
Authorization: OAuth + Access Token



Or you can try like below as well.


Now Copy the Access Token from above Screen. Add below detail to make get call


a.       Click Add Token to "Header"
b.      Then select "Use Token"
c.       Then select Get Method and add below URL
https://na50.salesforce.com/services/apexrest/api/Account/12345




Please check below recording for end to end POSTMAN setup



Check this post to learn about how to configure SoapUI to run SOAP API Calls.


Related Post
1) Apex REST Basic Code Sample
2) Rest API
3) Understanding the Web Server OAuth Authentication Flow

Please let us know if this will help you

Thanks
Amit Chaudhary

26 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. Hello Amit,

    i have try many times i m getting error - using post man

    {
    "error": "invalid_request",
    "error_description": "must use HTTP POST"
    }

    providing all the details :

    https://na85.lightning.force.com/services/oauth2/token?grant_type=password&client_id=3MVG9KsVczVNcM8zO8SCer3lk8P1THcw8_C2baUZMX9QaiTpALkfuwdtjmRjAU2pVo89jIh4aqnCCzLsyf5wN&client_secret=2A9F00740014FFF52E19B1675E988F685427A1C361304B91F910F71529217D3C&username=prakumar@sonicwall.com&password=Password@1+snx4E4Aj8kXkDeiN3kMdtmW0j

    ---------------------------------------------------------------------
    Can any one help me on this.

    Thanks
    Pradeep Kumar

    ReplyDelete
    Replies
    1. Bro you just shared your username and password

      Delete
    2. Hello

      What do you want??

      Thanks
      PK

      Delete
    3. Hello pk, you have published here the username, password, client_id and client_secret. This information can be used by others to get YOUR data. Now it is important that you will replace your password and regenerate the client credentials ASAP

      Delete
    4. btw I think your issue is you're not doing a POST (probably doing a GET or something). Plus you shouldn't have a '+' between your pw and security token (unless that's part of your pw).

      Delete
  3. Hello Amit, Above post is very informative and detailed.

    I have an requirement where i need to execute an apex code using Rest Api without creating a Rest class or a wrapper.

    Could you please help me with that.

    ReplyDelete
  4. you have used =password+securityToken
    What is securitytoken
    how to get that

    ReplyDelete
  5. In Salesforce Classic View
    1) Go to My Settings –> Personal –> Reset My Security Token
    2) Click Reset Security Token. The new security token is sent to the email address in your Salesforce personal settings


    In Lighting Experience
    1) Go to Settings –> My Personal Information –> Reset My Security Token
    2) Click Reset Security Token. The new security token is sent to the email address in your Salesforce personal settings

    ReplyDelete
  6. Thank you Amit,
    Just to mention that in the postman oauth2 wizard, it worked for me when in the "Client Authentication" I selected "Send client credentials in body" rather than "Send as Basic Auth header"

    ReplyDelete
  7. Thank you Amit you saved my one day work!! Keep it up...

    ReplyDelete
  8. Hi Amit,
    Thanks, this is generally helpful.
    Still, I followed step-by-step your method in this video (https://www.youtube.com/watch?v=WdAhD6p1nKM), I got the security token correctly, but when sending the GET request I keep having in return an "errorCode":"INVALID_SESSION_ID".

    I'm pretty sure my instance URL is correct (it works in Workbench!). I'm trying all this in a Sandbox of which I'm an administrator. Can the error be due to some user permissions I'm not aware of?

    ReplyDelete
  9. Hi AMit,


    I get response like when I pass the id:
    Now when I convert this response into list I get the parent object records but the attributes section is missed....
    COuld anyone help how to convert this response so that I can store all the values....like id,Account__c,record name of the parent object record,Account__r.External_ID,createdby.name...
    I converted the response to List < SObject > using

    List convert= (List) JSON.deserialize(Jsonresponse, List.class);

    Is there any better way .

    Please help Me out

    [
    {
    "attributes": {
    "type": "Call2__c",
    "url": "/services/data/v44.0/sobjects/Call2__c/a0429000004Vk6KAAS"
    },
    "CreatedById": "00561000002QxUWAA0",
    "Id": "a0429000004Vk6KAAS",
    "Account__c": "0012900000UbJ7KAAV",
    "Name": "I001560070",
    "CreatedBy": {
    "attributes": {
    "type": "User",
    "url": "/services/data/v44.0/sobjects/User/00561000002QxUWAA0"
    },
    "Id": "00561000002QxUWAA0",
    "Name": "Veeva Admin"
    },
    "Account__r": {
    "attributes": {
    "type": "Account",
    "url": "/services/data/v44.0/sobjects/Account/0012900000UbJ7KAAV"
    },
    "Id": "0012900000UbJ7KAAV",
    "External_ID": "2003904637"
    }
    },
    {
    "attributes": {
    "type": "Call2__c",
    "url": "/services/data/v44.0/sobjects/Call2__c/a0429000004Vk60AAC"
    },
    "CreatedById": "00561000002QxUWAA0",
    "Id": "a0429000004Vk60AAC",
    "Account__c": "0012900000UbJ7KAAV",
    "Name": "I001560057",
    "CreatedBy": {
    "attributes": {
    "type": "User",
    "url": "/services/data/v44.0/sobjects/User/00561000002QxUWAA0"
    },
    "Id": "00561000002QxUWAA0",
    "Name": "Veeva Admin"
    },
    "Account__r": {
    "attributes": {
    "type": "Account",
    "url": "/services/data/v44.0/sobjects/Account/0012900000UbJ7KAAV"
    },
    "Id": "0012900000UbJ7KAAV",
    "External_ID": "2003904637"
    }
    }

    ]

    ReplyDelete
  10. Hi Amit,

    Great job. I was able to resolve my errors following this article. Thank you.

    ReplyDelete
  11. HI Amit,

    There is small correction, in this.
    The request url is:
    https://salesforce_instancename/services/data/v36.0/sobjects/Account/1234

    instead of
    https://na50.salesforce.com/services/apexrest/api/Account/12345



    ReplyDelete
  12. Rakesh Gaikwad22 July 2019 at 15:28

    Great! Awesome post, tried it worked as expected!
    @Amit Keep-Going.

    ReplyDelete
  13. Hi Amit,
    Thanks for sharing the instructions. I have created a connected app and followed your instructions but I am getting invalid_grant error while making a post call to generate token in Postman. How to resolve?

    ReplyDelete
  14. Hi Amit,
    Thanks for sharing the information.
    In the video, I saw you use amitblog-dev-ed.my.salesforce.com/apexrest/api/ instead of https://na50.salesforce.com/services/apexrest/api/Account/12345. For me, the salesforce_instancename one didn't work. And I suppose you define amitblog-dev-ed in the setup->Site, right? After I create the site, when I make request, it will return "You do not have access to the Apex class named". When I add apex access for the site, then the amitblog-dev-ed.my.salesforce.com/apexrest/api/ can be accessed by anyone. I am wondering I didn't setup the site correctly?

    ReplyDelete
    Replies
    1. Can you show me how you create amitblog-dev-ed.my.salesforce.com?

      Delete
    2. Sorry, my mistake, the salesforce_instance url works. I didn't put token in the request header. And there is no need to create site.

      Delete

  15. I followed step-by-step your method in this video , I got the security token correctly, but when sending the GET request I keep having in return "message": "Session expired or invalid", "errorCode": "INVALID_SESSION_ID"

    ReplyDelete