+ Start a Discussion
Patrick Jones 37Patrick Jones 37 

how do I use the access_token in a Username-Password Flow api url request?

I am able to get an access_token passing SF via HTTP POST. Now that I have the access_token, how do I leverage in the URL to query for case numbers? I want to return "status" for a lookup on the case number that is passed to the API via the IVR. I think the base URL is incorrect for my query... 

I send the folloing to SFDC:
https://login.salesforce.com/services/oauth2/token/
grant_type=password
&client_id=xxxx
&client_secret=xxxx
&username=email@.com
&password=testpwd

and I receive the access_token successfully and I store that value in a variable
I then want to send a url query to SFDC and return all cases for a specific account ... the url that I use for that is where I am lost. What would an example be of the url for this? 

i tried http://instance.salesforce.com/sid=xxxx&case=xxxx
i get the login page for SFDC. I obviously dont understand why I cannot get beyond the access_token being granted ...

Thanks in advance for any guidance,
Patrick
 
Best Answer chosen by Patrick Jones 37
Charisse de BelenCharisse de Belen
Hi Patrick,

According to this documentation (https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm), you cannot pass the access token as a request parameter. It needs to be passed in the request header.

All Answers

rajat Maheshwari 6rajat Maheshwari 6

Hi Patrik,

From workbench Rest Explorer, You can make query to fetch the case details for specific account, below is sample code - : 

Use Get Http method and make these query below - 

/services/data/v39.0/query/?q=SELECT+id+from+Case+where+accountId+=+'0012800000rj11V'

Please let me know in cas eof any issue, I am happy to help you :)

Thanks
Rajat maheshwari
rajatzmaheshwari@gmail.com

Patrick Jones 37Patrick Jones 37
I used the query you suggested with a valid accountId and still get the following:

<Error>
<errorCode>INVALID_SESSION_ID</errorCode>
<message>Session expired or invalid</message>
</Error>


I am thinking the issue right now is the access token, how do I pass that via URL?
I used the Username-Password flow for authentication in the initial query.
Thanks,
Patrick
Charisse de BelenCharisse de Belen
Hi Patrick,

According to this documentation (https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm), you cannot pass the access token as a request parameter. It needs to be passed in the request header.
This was selected as the best answer
Patrick Jones 37Patrick Jones 37
I just came across that just before reading your reply. Thank you :) How do I write the url syntax to include the access token? instance/service/apexrest/Class/variable=xxxx plus auth token I dont have a way of changing the header info - can I pass u/p on every request to my rest api? Thanks, Patrick
Charisse de BelenCharisse de Belen
I'm not aware of any methods of doing this through the URL. If you can, I suggest using a different approach to send your HTTP request that allows you to modify the headers. If that's not possible, maybe you can post a new question to find a way to authenticate to your org with the tool you are using.