You need to sign in to do that
Don't have an account?
Mads Peter Rommedahl
Make GET callback to a Salesforce API endpoint available without OAuth 2 authorization?
Hi all,
I'm trying to code an integration between two web services - an online text messaging gateway and a Salesforce installation. So far, I've managed to get Salesforce callouts to work (meaning you can send text messages from Salesforce at the click of a button), but I'm struggling with the other way around: The text messaging gateway supports making a GET callback to a URL of my choice with the status of the text message sent (Delivered/Failed) - but even though I've made a Salesforce API endpoint to handle the callback and update the respective records in Salesforce, the callbacks keep failing with 401 Unauthorized and the INVALID_SESSION_ID error code.
I know this problem is related to OAuth 2 and if this was me making the callback, I would make sure to make a prior call to /oauth2/token, use the access token and all that jazz, but I'm not able to do that - all I can do is specify which URL the gateway should make a GET call to (with the text message-specific parameters added to the URL).
Thus, what I really need is some way to either perma-authorize any GET calls coming from their domain or bypass the OAuth 2 workflow altogether. I have looked around everywhere but haven't been able to find any useful information that doesn't involve first calling /oauth2/token and THEN calling the API endpoint, which, as mentioned, is not an option.
Any ideas?
I'm trying to code an integration between two web services - an online text messaging gateway and a Salesforce installation. So far, I've managed to get Salesforce callouts to work (meaning you can send text messages from Salesforce at the click of a button), but I'm struggling with the other way around: The text messaging gateway supports making a GET callback to a URL of my choice with the status of the text message sent (Delivered/Failed) - but even though I've made a Salesforce API endpoint to handle the callback and update the respective records in Salesforce, the callbacks keep failing with 401 Unauthorized and the INVALID_SESSION_ID error code.
I know this problem is related to OAuth 2 and if this was me making the callback, I would make sure to make a prior call to /oauth2/token, use the access token and all that jazz, but I'm not able to do that - all I can do is specify which URL the gateway should make a GET call to (with the text message-specific parameters added to the URL).
Thus, what I really need is some way to either perma-authorize any GET calls coming from their domain or bypass the OAuth 2 workflow altogether. I have looked around everywhere but haven't been able to find any useful information that doesn't involve first calling /oauth2/token and THEN calling the API endpoint, which, as mentioned, is not an option.
Any ideas?
Best Answer chosen by Mads Peter Rommedahl
Mads Peter Rommedahl
Disregard, I found a suitable solution: By going to Develop -> Sites I could give the Guest User access to the Callback Apex class, and then just used that site URL as callback URL for the messaging gateway :)