+ Start a Discussion
Website AdminWebsite Admin 

Can you get an oauth token without a browser?

I have Salesforce enterprise and would like to automate some functionality of pushing data from our main system into salesforce.  The issue I’m running into is getting an auth token.  I can follow the pattern with a browser and it works as expected.  The issue is that I don’t want to use a browser.  I want my Java server to make an http call and get a call back with the token.  The reason it does not work is that salesforce uses javascript redirects and cookies instead of 301 and http redirects.  

I’ve seen some mention of getting a session token and then performing the operation but that will not work due to the lack of a javascript engine in my http client.  Are there any alternatives in getting this to work?
daniel_hdaniel_h
Yes there are several flows you can follow to login to Salesforce from an external application. You can either use the SOAP login call or OAUTH.

For SOAP: https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_calls_login.htm

Here's a good overview of OAuth: https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_at_Salesforce.com

An autonomous client can obtain an access token by simply providing username, password and (depending on configuration) security token in an access token request. Again the request is POSTed (1) to https://login.salesforce.com/services/oauth2/token, but the payload now has the form

grant_type=password&client_id=<your_client_id>&client_secret=<your_client_secret>&username=<your_username>&password=<your_password>

The following parameters are required:

grant_type Set this to password.
client_id Your application's client identifier.
client_secret Your application's client secret.
username The API user's Salesforce.com username, of the form user@example.com.
password The API user's Salesforce.com password. If the client's IP address has not been whitelisted in your org, you must concatenate the security token with the password.
Tanuj TyagiTanuj Tyagi
Hi  Website Admin,
To make an http call and get a call back with the token , you need to make a Connected App in your instance and get CLIENTID  and CLIENTSECRET  from the connectd App.

Use this Code
Hope it will help.



public class RestApiTest {

 static final String USERNAME = "xxxxxxxxxxxxxxxxxxx";
 static final String PASSWORD = "xxxxxxxxxxxxxxxxxxx";
 static final String LOGINURL = "https://login.salesforce.com";
 static final String GRANTSERVICE = "/services/oauth2/token?grant_type=password";
 static final String CLIENTID = "xxxxxxxxxxxxxxxxxxx";
 static final String CLIENTSECRET = "xxxxxxxxxxxxxxxxxxx";
 private static String REST_ENDPOINT = "/services/data";
 private static String API_VERSION = "/v32.0";
 private static String baseUri;
 private static Header oauthHeader;
 private static Header prettyPrintHeader = new BasicHeader("X-PrettyPrint", "1");
 private static String leadId;
 private static String leadFirstName;
 private static String leadLastName;
 private static String leadCompany;

 public static void main(String[] args) {

  HttpClient httpclient = HttpClientBuilder.create().build();

  // Assemble the login request URL
  String loginURL = LOGINURL +
   GRANTSERVICE +
   "&client_id=" + CLIENTID +
   "&client_secret=" + CLIENTSECRET +
   "&username=" + USERNAME +
   "&password=" + PASSWORD;

  // Login requests must be POSTs
  HttpPost httpPost = new HttpPost(loginURL);
  HttpResponse response = null;

  try {
   // Execute the login POST request
   response = httpclient.execute(httpPost);
   
  } catch (ClientProtocolException cpException) {
   cpException.printStackTrace();
  } catch (IOException ioException) {
   ioException.printStackTrace();
  }

  // verify response is HTTP OK
  final int statusCode = response.getStatusLine().getStatusCode();
  if (statusCode != HttpStatus.SC_OK) {
   System.out.println("Error authenticating to Force.com: " + statusCode);
   // Error is in EntityUtils.toString(response.getEntity())
   return;
  }

  String getResult = null;
  try {
   getResult = EntityUtils.toString(response.getEntity());
   System.out.println("Result From Server: "+getResult);
   
  } catch (IOException ioException) {
   ioException.printStackTrace();
  }
  JSONObject jsonObject = null;
  String loginAccessToken = null;
  String loginInstanceUrl = null;
  try {
   jsonObject = (JSONObject) new JSONTokener(getResult).nextValue();
   loginAccessToken = jsonObject.getString("access_token");
   loginInstanceUrl = jsonObject.getString("instance_url");
   System.out.println("loginAccessToken: "+loginAccessToken+" "+"loginInstanceUrl: "+loginInstanceUrl);
   
  } catch (JSONException jsonException) {
   jsonException.printStackTrace();
  }
  baseUri = loginInstanceUrl + REST_ENDPOINT + API_VERSION;
  oauthHeader = new BasicHeader("Authorization", "OAuth " + loginAccessToken);
  System.out.println("oauthHeader1: " + oauthHeader);
  System.out.println(response.getStatusLine());
  System.out.println("Successful login");
  System.out.println("  instance URL: " + loginInstanceUrl);
  System.out.println("  access token/session ID: " + loginAccessToken);

  System.out.println("baseUri: " + baseUri);

  // Run codes to query, insert, update and delete records in Salesforce using REST API
  //queryLeads();
 // createLeads();
 //updateLeads();
 // deleteLeads(); 

  // release connection
  httpPost.releaseConnection();
 }