Using Advanced REST Client to test REST Request - step by step

【前言】： 17年的时候，我们可以在connected app里面去配置oauth2.0认证，那到18年9月13日再去创建发现connected app处已经看不到New按钮了，目前可以在Lightning中到app manager中创建connected app，如下图：APP - 做auth2.0验证使用

Connected App设置后可以获得Consumer Key和Consumer Secret. Consumer Key: 3MVG9ZL0ppGP5UrBPEyfde5VESRlM30EznnBnO3FlL49ozmrF97ee9NOgIUtbi5Nm8uPttY2Vsczpave8JsxlConsumer Secret: 4710087710557659561Note: 一旦创建好之后，部署到生产环境Consumer Key和Consumer Secret是一样的。

How to connect Advanced REST Client? Connected Link:

https://login.salesforce.com/services/oauth2/token?grant_type=password&client_id=3MVG9ZL0ppGP5UrBPEyfde5VESRlM30EznnBnO3FlL49ozmrF97ee9NOgIUtbi5Nm8uPttY2Vsczpave8Jsxl&client_secret=4710087710557659561&username=itsme@delloitte.com&password=admin123yF0cOjR6qMVFVN4IRJr4E6Hs

Do POST Request to get access_token and token_type:

{ "access_token": "00D28000000bNDI!AQMAQAziOABzixdUqHrVXsPt_SXeM455m4WsoqXbh4UaE1gU7yeZI8Cvui6Ycy1GRqE2nhXeDXC9vFUq.ipL2X3kDNXHu_tN1”, "instance_url": "https://componentstest-dev-ed.my.salesforce.com", "id": "https://login.salesforce.com/id/00D28000000bNDIEA2/00528000005ENAIAA4", "token_type": "Bearer", "issued_at": "1504051357502", "signature": "FdYNUzrkxeJApcivQAX0QIB5EmaNQjcKs7xIe5byYfk=" }

1.使用GET方法查找数据：GET - R

https://componentstest-dev-ed.my.salesforce.com/services/data/v40.0/query?q=select id, name from account

返回码：200，请求成功response the object’s information

注意：Headers form的Authorization的value格式：access_type+空格+access_token

2.使用POST方法创建记录：POST - C

https://componentstest-dev-ed.my.salesforce.com/services/data/v40.0/sobjects/account

返回码：201，创建成功response the record id

3.使用PATCH方法更新记录：PATCH - U

https://componentstest-dev-ed.my.salesforce.com/services/data/v40.0/sobjects/account/0012800001VJIzuAAH

返回码：204，更新成功，无返回值no response

4.使用DELETE方法删除记录：DELETE - D「Content-Type is not required.」

https://componentstest-dev-ed.my.salesforce.com/services/data/v40.0/sobjects/account/0012800001VJIzuAAH

返回码：204，删除成功，无返回值no response

Q:: 为啥用同一个connect url post请求返回的access_token不一样？并且昨天使用的access_token今天使用会过期？

A:: access_token有有效时间的，外部系统对sf数据操作时，需要不定期获取access_token，当然sf可以设置过期时间如2h，12h等。

【参考资料】： 1. https://www.slideshare.net/asagarwal/a-60-minutes-step-by-step-diy-guide-to-salesforce-rest-api-for-non-developers?qid=e6011c30-3581-4bcf-916f-30b7844c51da&v=&b=&from_search=1

2. 如何获取consumer key和consumer secret链接：https://onlinehelp.coveo.com/en/ces/7.0/administrator/getting_salesforce_client_id_and_client_secret_values.htm

3. https://blog.lkatney.com/2018/03/07/oauth-series-web-server-oauth-flow-salesforce/