Obtain Access & Refresh tokens from Salesforce REST API

This post helps you to obtain OAuth2 tokens from Salesforce REST API instantly.

First, you need to create an account in Salesforce. If you already have a paid Salesforce account you can use your account. If you don’t have a paid account, go to the Salesforce developer edition and create a new dev account. Don’t create a Free trial account because sometimes you can’t enable the API for your Salesforce account using Free trial accounts. After login to your account, you need to create a Connected App to obtain tokens.

Create a Connected App

1. Log in to Salesforce as an administrator. In the drop-down list of the account (in the upper-right corner), select Setup.
2. In the left-hand pane, go to Apps > App Manager.
3. Click on the New Connected App (in the upper right corner).
4. On the New Connected App page, fill the following required fields under Basic Information: Connected App Name, API Name and Contact Email.
5. Go to API (Enable OAuth Settings), and select Enable OAuth Settings. In the Callback URL field, enter https://login.salesforce.com/. In the Selected OAuth Scopes field, select Access and manage your data (api), Perform requests on your behalf at any time (refresh_token, offline_access), Provide access to your data via the Web (web), and then click Add.
6. Click the Save button to save the new Connected App.

Adding a New Connected App

7. In the Connected Apps (Apps > App Manager) list, find the App that you just created, and then click Manage.

Manage created Connected App

8. On the page that opens, click the Edit button. Under OAuth policies, select All users may self-authorize in the Permitted Users list, and then click the Save button.

9. Go back to the Connected Apps (Apps > App Manager) list, and click the App that you just created, and then click on View.

View created Connected App

10. Go to API (Enable OAuth Settings), and note down the Consumer Key and Consumer Secret, which will be used for the configuration of Credential in Ballerina SFDC Integration.

Obtain Consumer Key and Secret

Obtaining tokens

1. Get Code

Log in to Salesforce using your favorite browser, then enter the following request Url in a new tab to get the code. <CONSUMER_KEY> should be replaced with the obtained Consumer Key in the above step. <YOUR_INSTANCE> should be replaced with your instance name, in my case it is ap15.

https://<YOUR_INSTANCE>.salesforce.com/services/oauth2/authorize?response_type=code&client_id=<CONSUMER_KEY>&redirect_uri=https://login.salesforce.com/

Enter request Url in the browser

Allow access if any alert popup. Then you will see browser is redirecting to a Url like this. You can obtain the code using that Url.

https://login.salesforce.com/?code=aPrxYXyxzkuBzbDGdwv67qekAQredtrsWqty38LsdhfREyTRbvdjvTqdbvxPVC__4Cb9xGKDGErtOw%3D%3D

The browser will redirect to a Url with the code

2. Get Access token & Refresh token

Send the following curl request to obtain the tokens. <CODE> should be replaced with the code you obtained in the above step. <CONSUMER_KEY> and <CONSUMER_SECRET> should be replaced with obtained keys with the created Connected App.

curl -X POST https://<YOUR_INSTANCE>.salesforce.com/services/oauth2/token?code=<CODE>&grant_type=authorization_code&client_id=<CONSUMER_KEY>&client_secret=<CONSUMER_SECRET>&redirect_uri=https://login.salesforce.com/

You can obtain the access_token and refresh_token from the response.

{
"access_token":"00D2v000001XKxi__SOMETHING",
"refresh_token":"5Aep861dlMxAL.LhVTuPRa__SOMETHING",
"signature":"MK/YGMNQhPSSnKtYicXlaU__SOMETHING",
"scope":"refresh_token web api",
"instance_url":"https://ap15.salesforce.com",
"id":"https://login.salesforce.com/id/00D2vKxiEAG/0045Q09vAAL",
"token_type":"Bearer",
"issued_at":"1570030000198"
}

If you are not familiar with curl you can use Postman to send the request.

For more interesting articles pls follow me on Medium :) Thank you!

Also, you can check my latest story on How to connect your website with Google Analytics 4

Get Access token & Refresh token

More Errors?

1. ‘REST API is not enabled for this Organization’ Issue

When you are trying to send a request to the salesforce API using the above credentials, sometimes you will get this error.

the REST API is not enabled for this Organization.

You can resolve this error by following the below steps.

Click on Setup in the right top corner.

Go to ADMINISTRATION > Manage Users and click on Profiles.

Click Edit on the specific profile you want to update.

Scroll down and go to Administrative Permissions and check the API Enabled checkbox.

Then don't forget to go down the page and click Save to save your changes.