+ Start a Discussion
sridevisridevi 

Username-Password OAuth Flow:

Hi All

 

Plz Need help.........

 

I am examining a sample which is in the salesforce developer site.

In that sample when we click a link it will be redirected to the salesforce login page. If the login successful, then an access token is issued.
I dont want my application to redirect to the salesforce login page. 
What should I do to avoid redirecting to salesforce login page.

 

plz need ur help..................................

Mohith Kumar ShrivastavaMohith Kumar Shrivastava

The only way you could do is using the Useragent-Password flow for your oauth.

 

http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com

 

The last flow is user-agent Password flow .Set up an integration user and then use it to get token.This avoids redirecting to authorise page.

 

 

logontokartiklogontokartik

Try using  Obtaining a Token in an Autonomous Client (Username-Password Flow)

 

By setting the grant_type=password.

 

Httprequest req = new HttpRequest();		
		req.setMethod('POST');		
		req.setHeader('Content-Type','application/x-www-form-urlencoded');		
		req.setBody('grant_type=password' + 
					'&client_id=' + client_id + 
					'&client_secret=' + client_secret + 
					'&username=' + EncodingUtil.urlEncode(username, 'UTF-8') + 
					'&password=' + EncodingUtil.urlEncode(password, 'UTF-8')); 		
		req.setEndpoint(OAuthURL);			
    	
    	Http http = new Http();
		HttpResponse res;
		
		try {
			
			if(!Test.isRunningTest())
				res = http.send(req);
			else
				return null;
					
		}catch(system.CalloutException e){
			ApexPages.addMessage(new ApexPages.Message(ApexPages.Severity.ERROR, e.getMessage()));
			return null;
		}

 

The response will contain the Access Token.

 

 

sridevisridevi

Hi Kartik,

 

Thanks for u r reply.

 

Im using java to salesforce integration

 

plz can u help me 

logontokartiklogontokartik

This is not a lot different, the code is also documented in Salesforce Documentation.

 

http://www.salesforce.com/us/developer/docs/api_streaming/Content/code_sample_auth_oauth.htm

SurpriseSurprise

Hi karthik,

 

I saw your code,I have couple of questions,I hope you can help me.

 

1) The below given code will be used by client aplication which is running outside salesforce.Is that correct?

2) Now from where do we get the following information.

3) Do we have to specify a paritcular username and passowrd Which will always remain?

4) Once we get the access token thenhow do we use that ?.Can u please help.

 

 

    -grant_type=password'

    client_id=' + client_id +

    client_secret=' + client_secret + '

    username=' + EncodingUtil.urlEncode(username, 'UTF-8') 

    password=' + EncodingUtil.urlEncode(password,.'UTF-8')

 

 

 

 

 

Try using  Obtaining a Token in an Autonomous Client (Username-Password Flow)

 

By setting the grant_type=password.

 

Httprequest req = new HttpRequest();		
		req.setMethod('POST');		
		req.setHeader('Content-Type','application/x-www-form-urlencoded');		
		req.setBody('grant_type=password' + 
					'&client_id=' + client_id + 
					'&client_secret=' + client_secret + 
					'&username=' + EncodingUtil.urlEncode(username, 'UTF-8') + 
					'&password=' + EncodingUtil.urlEncode(password, 'UTF-8')); 		
		req.setEndpoint(OAuthURL);			
    	
    	Http http = new Http();
		HttpResponse res;
		
		try {
			
			if(!Test.isRunningTest())
				res = http.send(req);
			else
				return null;
					
		}catch(system.CalloutException e){
			ApexPages.addMessage(new ApexPages.Message(ApexPages.Severity.ERROR, e.getMessage()));
			return null;
		}

 

The response will contain the Access Token.

 

 

 

 

 

 

 

logontokartiklogontokartik

Hi Surprise,

 

Sorry for delayed response. Here are my responses for your questions

 

1) The below given code will be used by client aplication which is running outside salesforce.Is that correct?

<kv> Yes,

2) Now from where do we get the following information.

<kv> You will get Consumer Key, Secret by creating a Connected App in Salesforce.com.  http://wiki.developerforce.com/page/Connected_Apps

 

3) Do we have to specify a paritcular username and passowrd Which will always remain?

<kv> Yes. if you  want to use the username flow, you must create a User which can be used by client application and make sure that password never expires for that user

4) Once we get the access token thenhow do we use that ?.Can u please help.

<kv> You have to set the Authentication Header in the request you are doing from client. 

 

Hope this helps