Apex Code Development You need to sign in to do that
Don't have an account?
lanem Using the oAuth 1.0a flow with the Chatter REST AOI
I would like to use the oAuth 1.0a flow with the REST API. I'm able to get the access token, but from there I'm a bit stumped. In the 2.0 flows, the instance_url is returned as part of the POST response from /services/oauth2/token. Is there a separate call I can make to get this information after I've already completed the 1.0a flow?
I would appreciate any advice!
Is there any reason you are using OAuth 1? I suspect it is because you want to pass a username/password as part of the authentication. If you your case requires this, you might want to check out the user-pass flow which is part of the OAuth2 spec. This will also solve your issue with the instance_url.
Check out the following article for more info: http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_on_Force.com
Thanks for the reply. “Digging Deeper” is great, and actually one of the clearest posts I’ve ever seen about oAuth 2.0. I was able to get a POC up and running in about 20 minutes using the Web Server Flow using it.
Unfortunately, I want to be able to set the callback URL programmatically at authentication time and make SSL on the callback URL optional. One of the tradeoffs of oAuth 2.0 is that having the callback URL match the one in the SF system exactly is part of the security protocol. Also, because there is no real oAuth dance, the callback page must be SSL (as opposed to only the taken/secret exchanges that happen in the back end for 1.0a)
I have seen some references to using the session ID in the Authorization header on the REST request, but that still doesn’t solve the instance URL problem.