I usually wouldn’t write about such a mundane subject, but given the past several soul sucking hours, I decided I would put in my humanitarian service for the week by telling others how to accomplish what should be a totally trivial task, that just isn’t for Salesforce.com: generating API credentials.
Given that I’m totally new to Salesforce integrations, I’m sure that someone will come find this post at some point and lambast me for my missteps and miscomprehension. That’s fine, because this post isn’t written for you. It’s written for the thousands of application developers out there who have customers who have unfortunately chosen to use this overpriced behemoth.
Also, big WARNING, it’s apparent from the many stack exchange questions and salesforce.com instruction links that Salesforce changes their shit all the time and doesn’t make any effort to clean up their documentation or ensure the old flow still works. So if you’re reading this around March 2015, then it should be good, otherwise, if the following instructions just don’t match what you see, it’s not you, it’s Salesforce.
For those of you who just need to generate a set of API credentials for their own data automation and synchronization needs:
Create an account. You can create a (free) developer account at developer.salesforce.com
Ignore all the landing pages and getting started crap. It’s an endless marketing loop.
Click the “Setup” link
In the lefthand toolbar, under “Create”, click “Apps”
Under “Connected Apps” click “New”
Fill out the form. Important fields are marked below (you can leave the rest blank)
Be advised that Salesforce has crappy availability.
Press continue. You finally have your key (client id) and secret (client secret).
But wait! You’re not done yet.
Make sure IP restrictions are disabled as well, and make sure that Permitted Users is set to “All users may self-authorize.”
If you’re concerned about disabling security, don’t be for now, you just want to get this working for now so you can make API calls. Tighten permissions once you have everything working, one at a time, so you can figure out what setting is giving you authentication errors.
Celebrate! This curl call should succeed:
curl -v https://login.salesforce.com/services/oauth2/token -d “grant_type=password” -d “client_id=YOUR_CLIENT_ID_FROM_STEP_8″ -d “client_secret=YOUR_CLIENT_SECRET_FROM_STEP_8″ -d “firstname.lastname@example.org” -d “email@example.com”
- You shouldn’t be doing password authorization if you’re building a multi-tenant app, where users need to authorize their own application. Use the Oauth2 workflow for that.