Member since
09-06-2016
9
Posts
1
Kudos Received
0
Solutions
04-09-2024
03:06 AM
1 Kudo
GetHTTP itself doesn't handle OAuth2 directly. Here's a breakdown of the process:
1. Obtaining Access Token:
You'll need to acquire an access token before making API calls to Salesforce.
This typically involves a two-step process:
Step 1: Authorization Code Grant:
Direct your user to a Salesforce authorization URL with your client ID and redirect URI.
Upon successful login and authorization, Salesforce redirects the user back to your redirect URI with an authorization code.
Step 2: Token Request:
Use the authorization code retrieved in step 1 to make a POST request to Salesforce's token endpoint.
Include your client ID, client secret, redirect URI, and grant type ("authorization_code") in the request body.
If successful, Salesforce will respond with an access token and other relevant information (refresh token, expiration time).
2. Using Access Token with GetHTTP:
Once you have the access token, you can use GetHTTP to make API calls to Salesforce.
Set the following headers in your GetHTTP request:
Authorization: Bearer <access_token> (Replace <access_token> with your actual token)
Configure the request URL with the desired Salesforce API endpoint and any necessary parameters.
Execute the GetHTTP request to retrieve data or perform actions on the Salesforce platform.
Important Considerations:
Security: Store access tokens securely and avoid exposing them in code or logs.
Token Refresh: Access tokens expire, so implement a mechanism to refresh them before expiration using the refresh token obtained during the initial authorization flow.
Libraries: Consider using libraries designed for Salesforce integrations, which can simplify the OAuth2 process and provide additional functionalities.
... View more
09-08-2016
01:02 PM
@ pierre Villard - Hi- I went thru your article posted in below link - https://pierrevillard.com/2016/04/12/oauth-1-0a-with-apache-nifi-twitter-api-example/ In our API guide , I found that API uses use the OAuth 2.0 standard to authenticate all requests The APIs are all accessed via REST invocations and return results in JSON format. The API use the OAuth 2.0 standard to authenticate all requests To authenticate to the API endpoint, we will need a token we send with every API call. To retrieve a token please follow the steps below- Request an access token by sending your Client ID and Client Secret via HTTP Basic Authentication, using an HTTP POST request. The Client ID and Client Secret need to be encoded to Base64, using the UTF-8 character set, in the form of client_id:client_secret. A resource you can use for this purpose is https://www.base64encode.org/. This string is then passed as the Authorization header. The API will respond with an access token Note: Tokens are only valid for one hour. After one hour a new token is required. Pass the token as the Authorization header to access the API resources: API resource data is returned: I assume there were some more steps needed in between which is missing to make the correct flow. Can you please guide
... View more