Access Tokens

In order to access Salesforce from an external application, an access token must be requested from Salesforce.

Creating a Connected App

The first step in configuring Salesforce to generate access tokens is to create a connected app in Salesforce. The connected app will contain the security settings for issuing tokens to the custom application.

Visit Creating a Connected App in Salesforce for details.

Getting an Access Token

Once the connected app is configured, access tokens can be requested from Salesforce using the connected app's configuration details.

Endpoint

To create an access token, a post request is sent to the following end point.

https://login.salesforce.com/services/oauth2/token

One or more of the following data is posted in the request based on application requirements.

Property

Description

client_id

The connected app's unique identifier

client_secret

The secret for the API registered in the application with permission to access the Salesforce API

username

Optional. Used only with the password grant type.

password

Optional. Used only with the password grant type.

grant_type

The authentication flow used to generate the access token.

Token

An access token returned from Salesforce has the following properties.

Property

Example

Description

access_token

eyJ0e...Agjmg

This is the actual token used for authenticating calls to Salesforce.

instance_url

https://domain-dev-my.salesforce.com

This is the REST API endpoint to use for making calls to Salesforce.

token_type

Bearer

This is the OAuth 2.0 token type in access_token.

For more details on Salesforce access tokens, visit Get an Access Token from Salesforce.

For details on how to use these settings with WireBootstrap, visit Data Connector.

Sample

All the material discussed in this section has been implemented in the sample application that comes with the WireBootstrap for Salesforce. This sample is a good example of how to generate tokens in order to access Salesforce data from external applications.

Request a Token

In the project, the TokensController class at \Controllers\TokensController.cs contains a method called GetAccessToken that can be called by clients to retrieve a token from Salesforce.

The following in an excerpt from the call to this method from \lib\service.js in the sample.

const accessToken = await fetch("/tokens/GetAccessToken");
const response = await accessToken.json();

Create a Token

On the server, GetAccessToken reads the values for the token request from appsettings.json, makes the call to Salesforce, and returns the token to the client.

Below is an excerpt from appsettings.json with the variables needed for the call to generate a token. Replace the brackets [] with the actual values needed to connect to your Salesforce connected app.

{
  "AuthTokenUrl": "https://login.salesforce.com/services/oauth2/token",
  "ClientId": "[Connected app's unique id]",
  "ClientSecret": "[API secret needed to connect to the app]",
  "GrantType": "[Auth flow to use for the token call]",
  "User": "[Optional - User name if using 'password' grant type]",
  "Password": "[Optional - Password if using 'password' grant type]"
}

PreviousInstallation NextData Connector

Last updated 2 years ago