[SalesForce] SOAP-API authentication

I am trying to implement SOAP-API for Java and find that the authentication is 2 step using the REST and then passing the token in the SOAP header. I also downloaded the example from http://help.exacttarget.com/en/technical_library/web_service_guide/getting_started_developers_and_the_exacttarget_api/connecting_to_the_api_using_java_and_axis2/

In the example I dont find the REST api call but username and password. Which is the correct way to authenticate?

Thanks
–Narasimha

Best Answer

Generally with the SOAP API you have two ways to authenticate a request with Salesforce.

You use the login API call with the username and password to get a SessionID and corresponding Server URL to make the subsequent API calls to. The SessionId should be sent via the SessionHeader. Typically you will need to append the security token to the password unless your IP address has be added to the Org.
You use an alternative means to get a valid Session Id and proceed directly to using the SessionHeader.

There are several alternatives for getting a valid Session Id. OAuth 2.0 is the preferred method if you are requesting credentials from individual users. By selecting the correct flow there is no need for the user to give your app their username and password. Instead you get the resulting access token that can be used for API calls. Generally speaking the access token is interchangeable with the session Id (depending on the requested scopes).

Related Solutions

[SalesForce] Authentication Bearer in SOAP API

Your code shows you've really tried a lot of stuff - I gave it a go but it looks like it might be expecting a different version of the PHP toolkit, there are methods missing etc...

First, can you try this?

download a brand new version of the Force.com Tookit for PHP,
freshly generate your enterprise WSDL from Setup > Develop > API and save it alongside,

put this minimal snippet in a test file (with your username, password, token) and run it:

define('USERNAME',       'derp@example.com');
define('PASSWORD',       'd123456h');
define('SECURITY_TOKEN', 'fWyABCDQIC81ld5IiOR481234');

require_once 'soapclient/SforceEnterpriseClient.php';
$mySforceConnection = new SforceEnterpriseClient();
$mySforceConnection->createConnection('enterprise.wsdl.xml');
$mySforceConnection->login(USERNAME, PASSWORD . SECURITY_TOKEN);

//extract the Server URL and Session ID (and don't EVER use regexp for this ;-)
$server_pattern  = '#<serverUrl>(.+)</serverUrl>#';
$session_pattern = '#<sessionId>(.+)</sessionId>#';
preg_match($server_pattern,  $mySforceConnection->getLastResponse(), $servers);
preg_match($session_pattern, $mySforceConnection->getLastResponse(), $sessions);
var_dump('Server URL: ' . $servers[1]);
var_dump('Session ID: ' . $sessions[1]);

Second, in a separate script:

copy the above Server URL and Session ID into setEndPoint and setSessionHeader like so:

require_once 'soapclient/SforceEnterpriseClient.php';
$mySforceConnection = new SforceEnterpriseClient();
$mySforceConnection->createConnection('enterprise.wsdl.xml');
$mySforceConnection->setSessionHeader('00Dd0000000GHJK!12345678901z6c5Ghg...');
$mySforceConnection->setEndPoint('https://na14-api.salesforce.com/...');

now perform your query as normal

$query = 'SELECT Id, Name FROM User ORDER BY ID DESC LIMIT 1 ';
$response = $mySforceConnection->query($query);
var_export($response->records[0]);

/**
 * stdClass::__set_state(array(
 *   'Id'   => 005d0000001vfmqAAA,
 *   'Name' => 'Derp Herpinson',
 * ))
 */

At this point you are working with the Session ID and not the credentials.

[SalesForce] How to get list of data extension fields using SOAP API

It's a simple retrieve on the DataExtensionField object. You can filter on DataExtension.CustomerKey if you want to view the columns for a specific Data Extension.

Here's a example SOAP envelope: https://gist.github.com/wvpv/9001b002ebf7552f64db

<?xml version="1.0" encoding="UTF-8"?>
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
   <s:Header>
      <a:Action s:mustUnderstand="1">Retrieve</a:Action>
      <a:MessageID>urn:uuid:e3f7fdfe-d225-47fb-a764-ad4f465fb724</a:MessageID>
      <a:ReplyTo>
         <a:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>
      </a:ReplyTo>
      <a:To s:mustUnderstand="1">https://webservice.exacttarget.com/Service.asmx</a:To>
      <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
         <u:Timestamp u:Id="_0">
            <u:Created>2014-11-18T14:44:10.936Z</u:Created>
            <u:Expires>2014-11-18T14:49:10.936Z</u:Expires>
         </u:Timestamp>
         <o:UsernameToken u:Id="uuid-642de236-bbe2-41d9-b965-d107063c913c-3">
            <o:Username>
               <!-- Removed-->
            </o:Username>
            <o:Password>
               <!-- Removed-->
            </o:Password>
         </o:UsernameToken>
      </o:Security>
   </s:Header>
   <s:Body xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RetrieveRequestMsg xmlns="http://exacttarget.com/wsdl/partnerAPI">
         <RetrieveRequest>
            <ObjectType>DataExtensionField</ObjectType>
            <Properties>Client.ID</Properties>
            <Properties>CreatedDate</Properties>
            <Properties>CustomerKey</Properties>
            <Properties>DataExtension.CustomerKey</Properties>
            <Properties>DefaultValue</Properties>
            <Properties>FieldType</Properties>
            <Properties>IsPrimaryKey</Properties>
            <Properties>IsRequired</Properties>
            <Properties>MaxLength</Properties>
            <Properties>ModifiedDate</Properties>
            <Properties>Name</Properties>
            <Properties>ObjectID</Properties>
            <Properties>Ordinal</Properties>
            <Properties>Scale</Properties>
            <Filter xsi:type="SimpleFilterPart">
               <Property>DataExtension.CustomerKey</Property>
               <SimpleOperator>equals</SimpleOperator>
               <Value>DATA EXTENSION NAME</Value>
            </Filter>
            <QueryAllAccounts>true</QueryAllAccounts>
            <Retrieves />
            <Options>
               <SaveOptions />
               <IncludeObjects>true</IncludeObjects>
            </Options>
         </RetrieveRequest>
      </RetrieveRequestMsg>
   </s:Body>
</s:Envelope>

Best Answer

Related Solutions

[SalesForce] Authentication Bearer in SOAP API

[SalesForce] How to get list of data extension fields using SOAP API

Related Topic