Home SalesforceIntegration Generate Salesforce Authentication Token using Postman

Generate Salesforce Authentication Token using Postman

by Dhanik Lal Sahni
Generate Salesforce authentication token using postman

The Salesforce Authentication Token is an important component in the authentication process for securely accessing Salesforce APIs and resources. It serves as a kind of identification, ensuring that only authorised users or applications have access to Salesforce data. The token is largely utilised in the OAuth 2.0 flow, which is the preferred mechanism for authenticating and authorising third-party apps to access Salesforce services. This post will explain how to generate a Salesforce authentication token using Postman.

Here are the primary use cases of the Salesforce Authentication Token

1. API Access

Using an access token, we can gain access to Salesforce REST or SOAP APIs. The token is supplied in the HTTP request headers to validate the request’s validity and to grant access to specified resources according to the user’s rights.

2. Single Sign-On (SSO)

In Single Sign-On implementation, the authentication token is utilised to facilitate seamless access to Salesforce and other connected applications. Users simply need to log in once with SSO, and future access to Salesforce and other linked systems is allowed instantly, eliminating the need to re-enter credentials.

3. Connected Apps

Salesforce Connected Apps are third-party applications or services that communicate with Salesforce APIs. During the OAuth 2.0 flow, connected apps use the authentication token to receive an access token. Based on the permissions given, the access token enables the app to make API requests on behalf of a user or the connected app itself.

4. Integration with External Systems

When Integrating Salesforce with other external systems, the authentication token is required. For example, if you have a web application that needs to access Salesforce data on behalf of a user, you can grant the appropriate access using the OAuth 2.0 procedure and the authentication token.

Let us generate an authentication token using POSTMAN.

  1. Set up a connected app in Salesforce
  2. Get the Consumer Key and Secret
  3. Add User for Connected App
  4. Create a Postman request to get the access token

1. Set up a connected app in Salesforce

Salesforce Connected Apps is a technique to enable and manage the safe integration of external apps or services with Salesforce. They are a component of Salesforce’s Identity and Access Management architecture that uses the OAuth 2.0 authentication protocol. To create a connected app in Salesforce navigate to Setup > App Manager > New Connected App.

We need to specify a connected app name, and an email and ensure to Enable OAuth Settings. Additionally, we need to select the required OAuth Scopes.

Put callback URLhttps://oauth.pstmn.io/v1/callback

Selected OAuth Scopes – select Manage user data via Web browsers (web), Perform requests at any time (refresh_token, offline_access) and Access unique user identifiers (opened)

Salesforce Connected App - Salesforce authentication token using Postman

Save the connected app. It might take 2-10 minutes to take effect. It will give Consumer Key & Secret. We will use this Consumer Key & Secret in the POSTMAN setting.

2. Get the Consumer Key and Secret

Once the connected app is saved, it will generate the consumer key and secret. Click on the Manage Consumer Details button on the connected app page. It will ask for a verification code which will be sent by email. After verification, it will show consumer detail in another window.

Connected App Consumer Key and Secret

3. Create a User for Connected App

Create a user for the connected app which will help us in managing security on Salesforce Object. We should create special users only for API integration. Check out the help documentation to create a secure user Create a secure Salesforce API user.

4. Create a Postman request to get the access token

Now let us create a Postman request to get the access token. Open Postman and create a new POST request.

Authentication URL: https://login.salesforce.com/services/oauth2/token or https://test.salesforce.com/services/oauth2/token for sandbox org.

In the Body tab set the below details

grant_type: password
client_id: CONSUMER_KEY
client_secret: CONSUMER_SECRET
username: YOUR_SALESFORCE_USERNAME
password: YOUR_SALESFORCE_PASSWORD + YOUR_SALESFORCE_SECURITY_TOKEN

Replace CONSUMER_KEY, CONSUMER_SECRET, YOUR_SALESFORCE_USERNAME, YOUR_SALESFORCE_PASSWORD, and YOUR_SALESFORCE_SECURITY_TOKEN with actual Salesforce credentials.

Salesforce Authentication Token using Postman

It will generate access_token, instance_url, and token_type. This token can be used for Salesforce API access.

Notes:

If you are getting an Invalid_Grant – Authentication Failure error then you can try the below tips

  1. try putting/removing a security token with a password
  2. Enable Allow OAuth Username-Password Flows in OAuth and OpenID Connect Settings
  3. Check Login History for Error.

References:

Create a secure Salesforce API user

Manage Access to a Connected App

Related Posts

What is Microservice Architecture?

What is Monolithic Architecture?

TOP 10 BEST PRACTICES FOR LIGHTNING FLOW

TOP 10 ENTERPRISE INTEGRATION USE CASES

TOP 10 SOQL BEST PRACTICES

TOP 10 SALESFORCE SECURITY BEST PRACTICES

You may also like

2 comments

mukul January 17, 2024 - 7:54 am

very helpfull

Reply
Dhanik Lal Sahni February 6, 2024 - 1:35 pm

Thank You Mukul.

Reply

Leave a Comment

Top 10 Salesforce Service Cloud Features Top 10 Best Practices for Lightning Flow Facts and Statistics for Salesforce’s Size and Market Share Top 5 Contract Management Salesforce Apps Top 10 Enterprise Integration Use Cases