Learn to integrate Salesforce with Postman from scratch using connected app with OAuth 2.0 and perform API calls. Learn to create connected app with OAuth2.0 as authentication.
API endpoints reference doc
#salesforce #postman #integration #oauth2 #connectedapp
Hello, smtc folks, I hope everyone is doing good.
So today we are going to discuss about most widely used feature or functionality that is integrating Salesforce with Postman.
So many a times developer usually integrates Salesforce with Postman to develop and test the API related functionalities, which is very useful for them.
So we'll know how to in how we'll integrate these two systems we'll discuss the whole process, starting from creating a Connected app to configuring in the postman, and also we will do some demo API calls from Postman as well.
So the first and foremost step to build this integration is to create a Connected app inside Salesforce, so we'll go to our Connected app creation, setup page so make sure you are on the classic UI of Salesforce org, because creation of Connected app will be accessible via classic mode, only so search for apps and in the search box click on apps and there you will find the option called connected.
Apps here, click on new to create a new Connected app.
This Connected app will be used for login purposes via this Connected app.
Only the user will be able to log into Salesforce or through Postman.
So this is the medium of login the first there will be some mandatory things to fill that we can definitely do that.
So, let's get give the name of the Connected app as Postman int and the API name will be automatically populated contact email.
This is important because whenever, if there is any failure in the login process- or there is any restriction done during the integration procedure, then the email will be sent to this particular email ID.
Just to inform the person that hey this particular request has been filled or whatever be the reason.
The other of no things are optional, that you can definitely configure later.
So the second thing that we'll do wrong is enable oauth settings.
This is really very important.
What sort of authorization you want to make via this Connected app so first option is callback URL.
This is nothing but the URL where the user will be redirected to after the authentication is successfully done.
So in order to make it simple, I will just skip my domain URL as my callback URL.
So let me repeat it once again: callback URL is nothing, but it is the URL or the page where the user will be redirected to after he has successfully been authenticated from the third party system.
Then the second option is the scope that we have to select what all permissions, what all authentic authorization that you want to give to that user.
Who will be integrated you, who will be making the API calls or whether he can create records or read records, or he can also delete the metadata inside the Salesforce or so for now, we'll give full access just for the training purpose.
We are giving full access, but in real system a real scenario, it can be different out of all these options.
You can select multiple options as your wish.
These are the only important or information that you want to fill that you have to fill to create a Connected app.
So after you save it, it will take 10 minutes to get it ready, and that is why I have already created the Connected app with the same name just to save time.
It will take 10 minutes so I already have this Postman integration int connected I've created.
So what all the information you want to take from this Connected app in order to proceed with the configuration of the entire integration, so you have to click on that manage consumer details.
This will give you client, ID and client secret that will be used in our Postman while configuring, the integration.
So let's click on this, it will ask for the OTP, which is access code, just to see that information will provide that through four five nine nine six now I should be able to see these two information.
Consumer key is nothing but client, ID and consumer secret is client.
Secret will require this.
Let let this page be open for now and yeah.
This is the this is all what Connected app part is now done.
The next thing we'll go to our Postman app to build the configuration between these two.
So before going there, I would like to discuss one important, very important thing.
There is a concept of security token inside Salesforce that you can generate from here.
Click on your name, click on my settings- and here you can search for token see there is an option called reset.
My security token, if you have not already reset your security token or you do not, have it handy, you can click on it and you'll receive an email containing your security token that will be used when we will be configuring Postman to build the integration.
This is nothing but an additional information, apart from your password to login into Salesforce, for example, if you want to login into Salesforce by entering username and password, then this security token will be appended with your password just to provide your whole identity.
We'll use this so make sure you reset your security token and keep it handy somewhere.
Let's go to our Postman now.
The first step here is to create a collection.
This is nothing but a folder, it's a folder only which will contain all my requests that that I would make to my Salesforce work.
Let's create a collection and name it as Postman to SF the type of this particular color, the type of authorization.
It is saying what type of authorization you want to use I will use auth, oauth 2.0, which is the strongest authorization or we can say, with the strongest authentication process.
So there are few fields and information that we want to provide in order to authenticate ourselves.
First of all, we have to authenticate ourselves and then only we can make requests API request to our Salesforce all so here it is configure new token.
So, every time I will configure myself.
I will authorize myself.
It will create generate a an access token.
An access token will be used to login.
So, let's start, let's use the grand type as password credentials.
That means I want to authorize myself based on my username and password along with security token, let's give the token name as SF token here the first option access token URL from where this Postman fetch the access token.
Where will it go? I have to provide the URL of that particular uh box, or something particular org where, where the postman will go to request for the access token after providing all the identity, so this URL is this one: login.salesforce.com Services, slash, oauth, 2.0, slash token: this is the URL where it goes and fetches the access token.
This is the first info.
If it is a Sandbox or then it will be nothing but test dot, Salesforce instead of login dot Salesforce, but this will remain the same or two slash token.
Next is we have to provide the client ID of that connected app, which we are using to login, so I have already yeah open that page, let's copy the consumer key here and go to our Connected app again paste it over here.
The second thing is client secret, which is consumer.
Secret will provide his information here as well, and the username which user wants to log into the Salesforce org I have my username here and yeah.
Then comes this very important part which is password.
This is not just your password, but it is a combination of your password and the security token.
So let me show how it works so suppose your Salesforce all's password is one ABC one.
Two three at the rate and your security token that got generated is something like this XYZ Mo, and so when you are configuring Postman, you have to provide your password like this.
Your normal password appended with your security token.
So make sure there is no space, no underscore nothing between the password and the security token.
It will be one single word.
Okay, so here I already have my password for security.
Token I'll provide it over here, and the last thing is client authentication.
You select it as client set, send client details in body now we'll get the access token.
After providing all the authentication, information will generate access token.
This is complete and after generating, we just have to use this token.
Okay, so see this particular token field got automatically populated after I used it after generation when I clicked.
On use token, this got automatically populated, we'll save this.
Now our authorization is done, we'll start making API cost for Salesforce or so what will I do is inside this folder I will create a request, nothing but a API request.
So since the integration configuration is now done, I will start making API calls so for the to make API, because we have to first so add a endpoint endpoint URL, which particular request you want to make.
Oh I will first try to create one account directly from Postman to Salesforce.
So in order to get more information of endpoints here is a you can refer to this article, which contains all the in important URLs that you can call from the third party system, which are these are actually some standard.
Endpoint URLs that you can Leverage so I will make use of this particular URL just to get the basic information of account object.
Okay, let me copy this.
Is my domain URL appended with this Services slash API version and S objects? Okay, I just copied the wrong thing.
Maybe let me just select again after my domain, URL I will run this part and yeah.
So if I want to create an account, so I will use Post, Service, post method and inside the body I will provide the information of that account.
That is so, like name and all other information that I want to provide, while to create a account account created on API.
So this should be the name of my account if I send this request.
Okay, what is it text plane is not supported if okay I have you I have to use here Json, so the body that I'm sending as an input parameter that should be in the form of Json and not text, see this account has been created in my org if I just copy the ID and go to my org directly.
Just to see my newly created account, I want to paste the ID, but the URL is too long.
So now, I can paste my ID over here.
Hit it and yeah see this account just got created.
The name is account created from API post great.
So this is see this just got created with my name and if I would have provided other values in the fields that would have that would have also been populated.
Now, let's make the second call.
So let let let's skip this one.
This request, just for post account, we'll create another request to get the Account Details.
Okay, use this thing URL, but this time with a different method which is get method and in order to fetch the exact record account record will just provide the ID of that report.
So let me provide the ID here.
The URL is same just appending it with an ID.
Let's get the details of this account see we got it the name and all other fields which are for now null so yeah.
This is how Postman got integrated with Salesforce, and you can start making API calls you can create records get records.
You can do other different things.
Thank you for watching goodbye.
To set up the client credentials flow, see Configure a Connected App for the OAuth 2.0 Client Credentials Flow. To authorize a single connected app to introspect all access and refresh tokens within the entire org, select Introspect all tokens. By default, all connected apps can introspect their own tokens.How do I test a connected app in Salesforce Postman? ›
- Create a Connected App for OAuth. To perform OAuth in salesforce, you must create a Connected App in salesforce. ...
- Setup Postman. ...
- Get Access Token in Postman. ...
- Setup variable for postman project. ...
- Test Salesforce Rest API using Postman.
Use the link https://www.postman.com/downloads/ to download the free postman tool. Create a new request. Use https://labelbox.my.salesforce.com/services/apexrest/SFOrganizationIntegrationService in the URL box for Sandbox connection. Choose POST method since it is a POST request to get access__token for Salesforce Org.How do I connect to API via Postman? ›
Sending an API request
When you're ready, open Postman and send your first API request. Select + in the workbench to open a new tab. Enter postman-echo.com/get for the request URL. Select Send.
- Here is a detailed example explaining how to enter a new API request using BlazeMeter's 'test create' API, but you can do this for the product you are developing:
- Launch Postman by clicking on the logo. ...
- You can now run API testing through BlazeMeter!
- In Postman, go to Authorization and select OAuth 2.0 as Type.
- Press button Get new Access Token.
- Enter any name for Token Name.
- In Auth URL enter the Authorization Endpoint URL you have copied before.
- In Access Token URL enter the Token Endpoint URL you have copied before.
OAuth 1.0 only handled web workflows, but OAuth 2.0 considers non-web clients as well. Better separation of duties. Handling resource requests and handling user authorization can be decoupled in OAuth 2.0.What is the difference between OAuth 2.0 and OAuth? ›
OAuth 1.0 has been designed focusing on the interactions of inbound and outbound messages in web client applications. Therefore, it is inefficient for non-browser clients. OAuth 2.0 has addressed this issue by introducing more authorization flows for different client needs that do not use web UIs.How to use Postman to test API with authentication? ›
- Open your API Keys page. Select your avatar in the Postman header, then select Settings. Then select API keys.
- If you do not have a key you will be prompted to create one. Select Generate API Key.
- Enter a name for your key and select Generate API Key.
- Copy your key.
You can add tests to individual requests, collections, and folders in a collection. Postman includes code snippets you add and then change to suit your test logic. To add tests to a request, open the request and enter your code in the Tests tab. Tests will execute after the request runs.
A callback URL is the URL that is invoked after OAuth authorization for the consumer (connected app). In some contexts, the URL must be a real URL that the client's web browser is redirected to.How do I create a connected app in Salesforce for REST API? ›
- Fill in the following information: Attribute. ...
- Select Enable OAuth Settings.
- From Available OAuth Scopes, add Manage User Data via APIs (api), and Perform requests on you behalf at any time (refresh_token, offline_access). ...
- Click Save and continue.
- Insert a Record in Salesforce. Method:- Post. URL:- /services/data/v36.0/sobjects/Account/ ...
- Update a record in Salesforce. Method :- Patch. URL:- /services/data/v36.0/sobjects/Account/0019000001hE8apAAC. ...
- Delete a record in Salesforce. Method :- Delete. ...
- Get a Record.
Postman is an API development environment which is used to test an API, create and run automated tests, examine responses and do a lot more stuff. As a Salesforce Developer or Admin, you can use postman to test APIs and their responses.How do I access connected apps in Salesforce? ›
- From Setup, enter Connected Apps in the Quick Find box, then select Manage Connected Apps.
- Click a connected app to view on the Connected App Detail page.
- For connected apps that use SAML and if your org is an Identity Provider, click Download Metadata.
- Download and install the Salesforce Authenticator app for the type of mobile device you use. ...
- From your personal settings, in the Quick Find box, enter Advanced User Details , then select Advanced User Details.
- Configure a Predefined Authentication Provider. ...
- Configure a Salesforce-Managed Authentication Provider.
- Configure an Authentication Provider Using OpenID Connect.
- Create a Custom External Authentication Provider.
- Add an Authentication Provider to Your Org's Login Page.
Log in to Salesforce as an administrator. In the drop-down list of the account (in the upper-right corner), select Setup. In the left-hand pane, go to App Setup > Create >Apps. In the Connected Apps pane, click the New button.