function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Iris GaleanoIris Galeano 

Get user photo using Force.com Site from Rest API In Apex Salesforce

Hello. 

I have an app in React that needs to show the users' profile picture calling a web service expose in a force.com site. The app and the force.com site aren't related, so I don't have any valid sessionId or oauth_token. 

The force.com site exposes the web service using this class: 
@RestResource(urlMapping='/UsersPhotos/*')
global class UsersPhotos {
    @HttpGet
    global static String doGet() {
    	String userId = RestContext.request.params.get('userId');
        ConnectApi.Photo ph = ConnectApi.UserProfiles.getPhoto(null, userId);
        return ph.fullEmailPhotoUrl;
    }
}

I implemented that solution (suggested here: https://sforcenotes.blogspot.com/2015/10/solution-to-display-salesforce-user.html?showComment=1596211057195#c5848226245946017759) because I don't want to use an oauth_token or custom object to store the users's profile pictures. But I got the following error in my app: 
  
[System.NoAccessException: Insufficient Privileges: You do not have the level of access necessary to perform the operation you requested. Please contact the owner of the record or your administrator if access is necessary.\n\nClass.ConnectApi.UserProfiles.getPhoto: line 266, column 1\nClass.UsersPhotos.doGet: line 7, column 1]

Can you please tell me If I need to add additional permissions in the force.com site? or another way to implement this?

Thanks.