[SalesForce] Making a request with permanent token within the SOAP header

I need to get some info via SOAP calls and I stick with one error. Right now I need to support two ways of sending SOAP calls:

  1. making a call with username-password params
  2. making a request with permanent token within the SOAP header (without providing user name and password)

The first case is working fine. Here is a sample:

ConnectorConfig partnerConfig = new ConnectorConfig();
partnerConfig.setUsername(userName);
partnerConfig.setPassword(password);
partnerConfig.setAuthEndpoint("https://" + instanceUri + "/services/Soap/u/27.0");
partnerConfig.setRestEndpoint("https://" + instanceUri + "/services/data/v27.0");
partnerConfig.setPrettyPrintXml(true);
PartnerConnection partnerConnection = new PartnerConnection(partnerConfig);
DescribeGlobalResult global = partnerConnection.describeGlobal();

global object is returned successfully.

Then I tried to do this via SOAP headers. Here is my code:

ConnectorConfig partnerConfig = new ConnectorConfig();
partnerConfig.setServiceEndpoint("https://" + instanceUri + "/services/Soap/u/27.0");
partnerConfig.setSessionId(soapToken);
partnerConfig.setManualLogin(true);//to prevent login() for partnerConnection 
partnerConfig.setAuthEndpoint("https://" + instanceUri + "/services/Soap/u/27.0");
partnerConfig.setRestEndpoint("https://" + instanceUri + "/services/data/v27.0");
partnerConfig.setPrettyPrintXml(true);
PartnerConnection partnerConnection = new PartnerConnection(partnerConfig);
partnerConnection.setCallOptions(soapToken, null);
DescribeGlobalResult global = partnerConnection.describeGlobal();

in this case I'm getting 

UnexpectedErrorFault [ApiFault  exceptionCode='INVALID_SESSION_ID' exceptionMessage='Invalid Session ID found in SessionHeader: Illegal Session'

error after partnerConnection.describeGlobal();

Can someone help me in this question? Maybe I missed something.

Regards, Eugene

Best Answer

If by permanent token you mean an OAUth refresh token, then you can not make API calls directly with the refresh token, instead you use the refresh token to get a new access token an use that to call the API (passing the access token in the same way you'd pass a sessionId)

Related Topic