Sign Up ›
  • Cheryl Judd
  • NEWBIE
  • 0 Points
  • Member since 2015
  • Chatter
    Feed
  • 0
    Best Answers
  • 1
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 0
    Replies
3 replies

Misbehaving REST API for inbound call using OAuth2

I have a client that is having problems accessing custom SF Rest API.  

Login is successful using oauth2 token (services/oauth2/token) with grant_type = password.  Attempt to access custom REST API using services/apexrest/myRESTInterface with received access_token & instance_url from login response, results in 403 (error code = MUTUAL_AUTHENTICATION_FAILED) from http POST of REST url.

Also, configured a connectedApp (restricted IPs) & profile for the login user.

Help !  I have checked thousands of settings & have performed a ton of googling. And, yep, not a premier customer either.

Here is some code ==>
 1.  Login call:
  URL==>  HTTPS://login.salesforce.com/services/oauth2/token

  Payload ==>  username=XXXXX%40myCompany.org&password=YYYYYYY&grant_type=password&client_id=ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ&client_secret=NNNNNNNNNNN

 2. Custom Rest Call (using access_code & instance_url from login response):
  URL==> HTTPS://NA18.SALESFORCE.COM/services/apexrest/myRESTInterface
  Header ==> Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-PrettyPrint: 1
  Payload ==>  {"myPayload":["attribute1"]}
3 replies

Misbehaving REST API for inbound call using OAuth2

I have a client that is having problems accessing custom SF Rest API.  

Login is successful using oauth2 token (services/oauth2/token) with grant_type = password.  Attempt to access custom REST API using services/apexrest/myRESTInterface with received access_token & instance_url from login response, results in 403 (error code = MUTUAL_AUTHENTICATION_FAILED) from http POST of REST url.

Also, configured a connectedApp (restricted IPs) & profile for the login user.

Help !  I have checked thousands of settings & have performed a ton of googling. And, yep, not a premier customer either.

Here is some code ==>
 1.  Login call:
  URL==>  HTTPS://login.salesforce.com/services/oauth2/token

  Payload ==>  username=XXXXX%40myCompany.org&password=YYYYYYY&grant_type=password&client_id=ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ&client_secret=NNNNNNNNNNN

 2. Custom Rest Call (using access_code & instance_url from login response):
  URL==> HTTPS://NA18.SALESFORCE.COM/services/apexrest/myRESTInterface
  Header ==> Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-PrettyPrint: 1
  Payload ==>  {"myPayload":["attribute1"]}