Database.com REST API Developer's Guide - Salesforce.com

More documents

Recommendations

Info

Introducing Force.com REST APIUnderstanding the OAuth Refresh Token ProcessAn example request body might look something like the following:grant_type=password&client_id=3MVG9lKcPoNINVBIPJjdw1J9LLM82HnFVVX19KY1uA5mu0QqEWhqKpoW3svG3XHrXDiCQjK1mdgAvhCscA9GE&client_secret=1955279925675241571&username=testuser%40database.com&password=mypassword1234562. Database.com verifies the user credentials, and if successful, sends a response to the application with the access token. Thisresponse contains the following values:Parametersaccess_tokeninstance_urlidissued_atsignatureDescriptionAccess token that acts as a session ID that the applicationuses for making requests. This token should be protected asthough it were user credentials.Identifies the Database.com instance to which API callsshould be sent.Identity URL that can be used to both identify the user aswell as query for more information about the user. Can beused in an HTTP request to get more information aboutthe end user.When the signature was created, represented as the numberof seconds since the Unix epoch (00:00:00 UTC on 1 January1970).Base64-encoded HMAC-SHA256 signature signed withthe consumer's private key containing the concatenated IDand issued_at value. The signature can be used toverify that the identity URL wasn’t modified because it wassent by the server.An example response body might look something like:{"id":"https://login.database.com/id/00Dx0000000BV7z/005x00000012Q9P","issued_at":"1278448832702","instance_url":"https://na1.salesforce.com","signature":"0CmxinZir53Yex7nE0TD+zMpvIWYGb/bdJh6XfOH6EQ=","access_token":"00Dx0000000BV7z!AR8AQAxo9UfVkh8AlV0Gomt9Czx9LjHnSSpwBMmbRcgKFmxOtvxjTrKW19ye6PE3Ds1eQz3z8jr3W7_VbWmEu4Q8TVGSTHxs"}3. The application uses the provided access token to access protected user data.Keep the following considerations in mind when using the user-agent OAuth flow:• Since the user is never redirected to login at Database.com in this flow, the user can’t directly authorize the application,so no refresh tokens can be used. If your application requires refresh tokens, you should consider using the Web server oruser-agent OAuth flow.Understanding the OAuth Refresh Token ProcessThe Web server OAuth authentication flow and user-agent flow both provide a refresh token that can be used to obtain anew access token.14
Introducing Force.com REST APIUnderstanding the OAuth Refresh Token ProcessAccess tokens have a limited lifetime specified by the session timeout in Database.com. If an application uses an expired accesstoken, a “Session expired or invalid” error is returned. If the application is using the Web server or user-agent OAuthauthentication flows, a refresh token may be provided during authorization that can be used to get a new access token.The client application obtains a new access token by sending a POST request to the token request endpoint with the followingrequest parameters:Parametersgrant_typerefresh_tokenclient_idclient_secretformatDescriptionValue must be refresh_token.The refresh token the client application already received.The Consumer Key from the remote access applicationdefinition.The Consumer Secret from the remote access applicationdefinition. This parameter is optional.Expected return format. The default is json. Values are:• urlencoded• json• xmlThe return format can also be specified in the header of therequest using one of the following:• Accept: application/x-www-form-urlencoded• Accept: application/json• Accept: application/xmlThis parameter is optional.An example refresh token POST request might look something like:POST /services/oauth2/token HTTP/1.1Host: https://login.database.com/grant_type=refresh_token&client_id=3MVG9lKcPoNINVBIPJjdw1J9LLM82HnFVVX19KY1uA5mu0QqEWhqKpoW3svG3XHrXDiCQjK1mdgAvhCscA9GE&client_secret=1955279925675241571&refresh_token=your token hereOnce Database.com verifies the refresh token request, it sends a response to the application with the following response bodyparameters:Parametersaccess_tokeninstance_urlidDescriptionAccess token that acts as a session ID that the application usesfor making requests. This token should be protected as thoughit were user credentials.Identifies the Database.com instance to which API calls shouldbe sent.Identity URL that can be used to both identify the user aswell as query for more information about the user. Can beused in an HTTP request to get more information about theend user.15
Page 1: Version 30.0: Spring ’14Database.
Page 4 and 5: Table of ContentsGet Field Values f
Page 7 and 8: GETTING STARTED WITH THE DATABASE.C
Page 9 and 10: Introducing Force.com REST APIUsing
Page 11: Introducing Force.com REST APIUnder
Page 14 and 15: Introducing Force.com REST APIUnder
Page 22 and 23: Introducing Force.com REST APIFindi
Page 24 and 25: Chapter 3Step 2: Create Objects and
Page 26 and 27: Chapter 4Step 4: Create a Remote Ac
Page 28 and 29: Step 5: Walk Through the Sample Cod
Page 34 and 35: Using REST API ResourcesGetting Inf
Page 36 and 37: Using REST API ResourcesList Availa
Page 38 and 39: Using REST API ResourcesGet Field a
Page 40 and 41: Using REST API ResourcesWorking wit
Page 42 and 43: Using REST API ResourcesGet Field V
Page 44 and 45: Using REST API ResourcesInsert or U
Page 46 and 47: Using REST API ResourcesGet a List
Page 48 and 49: Using REST API ResourcesExecute a S
Page 50 and 51: Using REST API ResourcesGet Feedbac
Page 52 and 53: Using REST API ResourcesManage User
Page 54 and 55: Using REST API ResourcesSubmit a Re
Page 56 and 57: Using REST API ResourcesBulk Approv
Page 58 and 59: Using REST API ResourcesTrigger Pro
Page 60 and 61: ReferenceResource NameSObject RowsU
Page 62 and 63: ReferenceLimitsLimitsNote: This RES
Page 64 and 65: ReferenceSObject Get DeletedHTTP Me
Page 66 and 67: ReferenceSObject RowsAuthentication
Page 68 and 69: ReferenceSObject ApprovalLayoutsSOb
Page 70 and 71:
ReferenceSObject Layouts} ]}If you
Page 72 and 73:
ReferenceAppMenu• When you use th
Page 74 and 75:
ReferenceAppMenu"width" : 32,"heigh
Page 76 and 77:
ReferenceFlexiPageExample request b
Page 78 and 79:
ReferenceProcess RulesResponse body
Page 80 and 81:
ReferenceQueryParametersParameterqe
Page 82 and 83:
ReferenceQuick ActionsFor more info
Page 84 and 85:
ReferenceStatus Codes and Error Res
Page 86 and 87:
IndexIndexAAppMenu 66ApprovalLayout
show all

Database.com REST API Developer's Guide - Salesforce.com

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?