How To Get Refresh Token In Salesforce Using Postman
Getting a Refresh Token in Salesforce Using Postman
Understanding Refresh Tokens
Refresh tokens are crucial for maintaining uninterrupted access to Salesforce APIs after the initial access token expires. They allow your application to obtain new access tokens without requiring the user to re-authenticate.
Prerequisites
- Salesforce Developer Account: You need a Salesforce Developer account to access the API.
- Postman: Download and install Postman.
- Connected App: Create a Connected App in Salesforce to authorize Postman to access your Salesforce data.
- Consumer Key and Secret: Obtain the Consumer Key and Secret from your Connected App in Salesforce.
Obtaining the Refresh Token
Here’s a step-by-step guide on how to obtain a refresh token in Salesforce using Postman.
1. Request Initial Access Token
1.1 Create a new Postman Request
- Create a new request in Postman.
- Set the request method to POST.
- Set the request URL to:
https://login.salesforce.com/services/oauth2/token.
1.2 Add Authentication Parameters
- In the “Authorization” tab, select “Basic Auth.”
- Enter your Connected App’s Consumer Key in the “Username” field.
- Enter your Connected App’s Secret in the “Password” field.
1.3 Add Body Parameters
-
Navigate to the “Body” tab and select “x-www-form-urlencoded.”
-
Add the following parameters:
grant_type:passwordusername: Your Salesforce usernamepassword: Your Salesforce password
1.4 Send the Request
- Click the “Send” button.
1.5 Success Response
-
If successful, you’ll receive a response with the following information:
access_token: Your initial access token.refresh_token: Your refresh token.instance_url: Your Salesforce organization’s URL.token_type:bearer
-
Note: Store your refresh token securely!
2. Using the Refresh Token
2.1 Create a New Postman Request
- Create a new request in Postman.
- Set the request method to POST.
- Set the request URL to:
https://login.salesforce.com/services/oauth2/token.
2.2 Add Authentication Parameters
- In the “Authorization” tab, select “Basic Auth.”
- Enter your Connected App’s Consumer Key in the “Username” field.
- Enter your Connected App’s Secret in the “Password” field.
2.3 Add Body Parameters
-
Navigate to the “Body” tab and select “x-www-form-urlencoded.”
-
Add the following parameters:
grant_type:refresh_tokenrefresh_token: The refresh token you obtained from the previous step.
2.4 Send the Request
- Click the “Send” button.
2.5 Success Response
- If successful, you will receive a new access token.
3. Code Example (JavaScript)
// Step 1: Get access token and refresh tokenconst request = { url: 'https://login.salesforce.com/services/oauth2/token', method: 'POST', auth: { type: 'basic', user: 'your_consumer_key', pass: 'your_consumer_secret', }, form: { grant_type: 'password', username: 'your_salesforce_username', password: 'your_salesforce_password', }};
axios(request) .then((response) => { const accessToken = response.data.access_token; const refreshToken = response.data.refresh_token; // ... use access token // store refresh token securely for later use return refreshToken; });
// Step 2: Using refresh token to get new access tokenconst refreshRequest = { url: 'https://login.salesforce.com/services/oauth2/token', method: 'POST', auth: { type: 'basic', user: 'your_consumer_key', pass: 'your_consumer_secret', }, form: { grant_type: 'refresh_token', refresh_token: 'your_refresh_token', }};
axios(refreshRequest) .then((response) => { const newAccessToken = response.data.access_token; // ... use new access token });Conclusion
Refresh tokens in Salesforce API testing provide a seamless way to keep your API calls authenticated even after access tokens expire. By following these steps, you can successfully use Postman to obtain refresh tokens and refresh your access tokens, ensuring continuous access to Salesforce data. Make sure to store your refresh tokens securely for optimal authentication and API usage.