using cURL with Salesforce Rest API

Workbench is one of widely used tool in Salesforce when it comes to exploring REST API of Salesforce. However I wanted to export REST API response in Binary format and therefore used cURL. cURL is open source command line library mostly used to test http request. It can be downloaded from here and official documentation about how to use cURL can be referred from here.

To use cURL with Salesforce REST API, we will need to use username – password flow of OAuth2. To use OAuth2, we need to create connected App. You can check “Create Connected app” section of this post. You can enter any URL for callback or if you have already created any connected app in past, then it can be used. After creating connected app, note “Consumer key” and “Consumer Secret” somewhere.

create file “LoginInfo.txt” file which will have all required login information in URL encoded format

grant_type=password& client_id= 3MVG9iTxZANhwsdsdsdsdspr0Lu3QNRNKk4c2FejzTys5Mlp43UeSHBuhWWgRjEUyV6xE7N0GostjR3sRat & client_secret=21961212323233121943 & username=jitendra.zaa@demo.com & password=myPWDAndSecurityToken

make sure there is no space in above file. I have added some space for sake of readability.

grant_type=password informs Salesforce to use “Username and password” flow of OAuth2, We are also passing client_id, client_secret, username and password.

1. Login to Salsforce using cURL

Run below command to login into Salesforce

curl -X POST -d @LoginInfo.txt https://login.salesforce.com/services/oauth2/token

Output :

{"id":"https://login.salesforce.com/id/00D90000000YnViEAK/00590000000Gl5VAAS", "issued_at":"1437005678627", "token_type":"Bearer", "instance_url":"https://shivasoftdemo-dev-ed.my.salesforce.com", "signature":"RlUOj40dyd0bhSZPNIKqE7Jp7DpyXSKULEFaYolW/3I=", "access_token":"00D90000000YnVi!ARIAQB0fu5fjPy_ JClQ7B343ffdfRcPv0toe7QcotaZu1aWJnVmN2enCLAeUKBQVcnSvR3JjDz20 2LfRpGTRzaCdsds6lUBnaQ"}

Above output returned in JSON format is not readable so we can add header “PrettyPrint” in REST API request to return formatted json response.

2. Login to Salsforce using cURL with PrettyPrint option

new request will look like :

curl -X POST -d @LoginInfo.txt https://login.salesforce.com/services/oauth2/token -H "X-PrettyPrint:1"

Output :

{
  "id" : "https://login.salesforce.com/id/00D90000000YnViEAK/005900df000Gl5VAAS",
  "issued_at" : "1437005809464",
  "token_type" : "Bearer",
  "instance_url" : "https://shivasoftdemo-dev-ed.my.salesforce.com",
  "signature" : "3PD9nGTtpis23aWNP8IPtL3sYNuApFdfdd8eDa2Rc=",
  "access_token" : "00D90000000YnVi!ARIAQB0fu5fjPy_JClQ7BrkkyX3RcPvdfdaWJnVmN 2enCLAeUKBQVcnSvR3JjDz202LfRpGTRzaCmsC6lUBnaQ"
}

If login is success then we will get response as shown above. Extract “access_token” and “instance_url” from above response, as it will be used on every subsequent API calls.

As we received session id in form of “access_token”, we can use cURL exactly like workbench as shown in below example.

3. Example – Get information about all available REST API in Salesforce

curl -H "Authorization: Bearer 00D90000000YnVi!ARIAQBdfu5fjPy_JClQ7BrkkyX3RcPv0toe 7QcotaZu1aWJnVmN2enCLAeUKBQVcnSvR3JjDz202LfRpGTRzaCmsC6lUBnaQ" -H "X-PrettyPrint:1" https://shivasoftdemo-dev-ed.my.salesforce.com/services/data/v34.0/

Don’t forget to include Bearer attribute in double quotes as session id contains exclamation mark and it creates issue while sending request.

Output :

{
  "limits" : "/services/data/v34.0/limits",
  "sobjects" : "/services/data/v34.0/sobjects",
  "support" : "/services/data/v34.0/support",
  "connect" : "/services/data/v34.0/connect",
  "query" : "/services/data/v34.0/query",
  "theme" : "/services/data/v34.0/theme",
  "queryAll" : "/services/data/v34.0/queryAll",
  "nouns" : "/services/data/v34.0/nouns",
  "knowledgeManagement" : "/services/data/v34.0/knowledgeManagement",
  "tooling" : "/services/data/v34.0/tooling",
  "chatter" : "/services/data/v34.0/chatter",
  "analytics" : "/services/data/v34.0/analytics",
  "recent" : "/services/data/v34.0/recent",
  "composite" : "/services/data/v34.0/composite",
  "process" : "/services/data/v34.0/process",
  "licensing" : "/services/data/v34.0/licensing",
  "identity" : "https://login.salesforce.com/id/00D90000000YnViEAK/00590000000Gl5VAAS",
  "flexiPage" : "/services/data/v34.0/flexiPage",
  "search" : "/services/data/v34.0/search",
  "quickActions" : "/services/data/v34.0/quickActions",
  "wave" : "/services/data/v34.0/wave",
  "appMenu" : "/services/data/v34.0/appMenu",
  "compactLayouts" : "/services/data/v34.0/compactLayouts",
  "actions" : "/services/data/v34.0/actions",
  "tabs" : "/services/data/v34.0/tabs"
}
Using cURL with Salesforce REST API
Using cURL with Salesforce REST API

Making Salesforce REST API request without SessionId

Curl works like browser, If we try to access REST API directly from browser then we get below error

Salesforce REST API without SessionId
Salesforce REST API without SessionId

If we try to do same with cURL then we will get same error:

Salesforce REST API without SessionId Using Curl
Salesforce REST API without SessionId Using Curl

Try to access Visualforce page using cURL

To access Visualforce page in Salesforce, first we need to login to Salesforce. Once logged in, if we try to access Visualforce page even with valid session Id, we will not get proper output because of Salesforce security , it shows that it is checking for sfdc.app and navigator and tries to redirect to Login page.  It does not display expected output from Visualforce. It clearly seems that salesforce is using some sort of security to check valid request.

Salesforce visualforce security check using cURL
Salesforce visualforce security check using cURL

 

 

In same way, if we are logged in to curl previously and then try to access Visualforce using post method then salesforce tries to display form element with request forwarded from cURL. It does not display expected output from Visualforce. We can clearly see that how secure is salesforce and there is no way to break it.

Access Visualforce page using cURL
Access Visualforce page using cURL

 

 

Posted

in

by


Related Posts

Comments

12 responses to “using cURL with Salesforce Rest API”

  1. Akhilesh Dahat Avatar
    Akhilesh Dahat

    Can I create triggers and classes by php into salesforce? Can you please provide the appropriate guideline for this. Is there any specific approach for this.I have search for this but no solution found till now. your help will be really appreciated.

    1. Jitendra Zaa Avatar

      You can use Tooling API, I have done it in Node js but it can be easily done in PHP as well – https://github.com/JitendraZaa/ToolingAPI30Min

  2. Veena Avatar
    Veena

    thanks so much for this post

  3. theyeti Avatar
    theyeti

    It was surprisingly hard to find a good curl example on the googles, thanks a bunch for this!

    1. Jitendra Zaa Avatar

      Glad it helped you !!!

  4. Binh Thanh Nguyen Avatar
    Binh Thanh Nguyen

    Thanks, nice tips

  5. Hans Avatar
    Hans

    How to resolve the problem: [
    {
    “message”: “This session is not valid for use with the REST API”,
    “errorCode”: “INVALID_SESSION_ID”
    }
    ]

  6. nandini Avatar
    nandini

    Can we download attachments from Idea objects using CURL?

  7. Tate Price Avatar
    Tate Price

    Thank you for this! Great tutorial. I found the Salesforce documentation wanting and this was truly helpful.

  8. MK Avatar
    MK

    using double quotes ” solved my issue. Thanks a ton bro 🙂

  9. rov Avatar
    rov

    I have just started dabbling into cURL and this post certainly helped. Thank you!

  10. Jainesh Panchal Avatar
    Jainesh Panchal

    Hi Jitendra,

    Is it possible to automate a password reset (rather than sending a reset link every certain time and let users reset their password, automatically generate and set a password at a certain time) for certain Salesforce users using cURL and Apex?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from Jitendra Zaa

Subscribe now to keep reading and get access to the full archive.

Continue Reading