You are here

How to Build a Basic Salesforce REST API Integration

Due to the large reach of Salesforce, there is a big opportunity to leverage their ecosystem if you have a product in the sales and marketing space. A recent tutorial by Russell Vaughan of GoSquared does just this by showing you how to build an integration with the Salesforce API Track this APIto send marketing insights to a sales team.

What the REST API does for you is to capture users’ (or leads) behavior when they browse a site. When a lead takes a look at your pricing page or views a webinar, your sales team can follow up with a workflow created in Salesforce. When you build the app based on these benefits (and the steps included in the original article), you will see how to send customers’ data to Salesforce and how to retrieve customers’ data from Salesforce.

Your app will include the following features:

  1. Authorization
  2. Users’ data push
  3. Users’ data retrieval

Your first step is to sign up to obtain a free developer account at As a developer, you will be able to add and manage users.
Vaughan makes clear that a connected app should be thought of as a small app that sits on Salesforce’s infrastructure and it is where the integration takes place. The connected app can help you to authenticate and redirect requests to a client. After setting up your Salesforce developer account, the tutorial takes you through the steps to set up a connected app. Once you have your app, you’ll be given a Consumer Key and a Consumer Secret.

Next the tutorial looks at how to implement the features starting with authorization.

1.Salesforce Oauth data flow

Since you need customer data, you will invite users to go to your website to make actions (click, watch, scroll, browse, etc). Once your customers’ data is recorded, it will be redirected to a auth endpoint and you will have access granted through an endpoint. The idea is to transfer their Salesforce data on their behalf.
After a successful authentication with an endpoint, Salesforce will send a response with an Access and Refresh token. The Access token has an expiration date of 15 minutes and the Refresh token helps you get in when the Access is expired.
Let’s see this sample API call:


That’s the request you will make as an initial authorization. The client_id will be your consumer ID from the connected app and the redirect_uri will be the Callback URL. When you have a successful response, your user will login and authenticate.

Once the data is authorized, Salesforce will add an authorization code to the URL, creating a request that looks like this:  

This is the code parameter when you make a request to Salesforce token endpoint to receive your Access and Refresh Token.
Let’s see an example request:


With an example response:

  "access_token": "YOUR_ACCESS_TOKEN",
  "refresh_token": "YOUR_REFRESH_TOKEN",
  "signature": "signature",
  "scope": "refresh_token api id",
  "instance_url": "",
  "id": ",
  "token_type": "Bearer",
  "issued_at": "timestamp"

With the request and responses, you’re building a base for the next API calls via URL. Because you want to access users’ data on their behalf, you can make requests and receive responses in return, considering the Refresh token that will keep you authenticated.

Refresh token example call:


Refresh token example response:

  "access_token": "REFRESHED_ACCESS_TOKEN",
  "signature": "signature",
  "scope": "refresh_token id api",
  "instance_url": "",
  "id": "",
  "token_type": "Bearer",
  "issued_at": "timestamp"

As you’re an authenticated developer, you will be able to make requests and receive responses (with users’ data behavior for the sales team). You will be ready then, to work with Salesforce objects or sobjects, database tables that include an organization’s data such as accounts, contacts, leads, and tasks.
To illustrate a Salesforce sobject, the author plays with “Johnny Appleseed” a contact object.

2.Push data from your app to Salesforce

To create a contact, build the API URL using the instance from the Access token like this:

Johnny Appleseed example request

curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"FirstName" : "Johnny", "LastName" : "Appleseed"}'

(Your contact will need a last name as the minimum for an entry to be created).
The response you get back will be the id of your contact


Which will also let you build a link directly to the contact.

3.Retrieving data from Salesforce to your app

Once you know how to create a contact, you’re ready to retrieve a list of contacts with their respective data by making a request to a describe endpoint as the author recommends, aiming to access fields to be populated by users’ data:
Example request:

curl -H  "Authorization: Bearer YOUR_ACCESS_TOKEN"

It will give a detailed response of all of the fields available that will look like this:

      "autoNumber": false,
      "byteLength": 120,
      "calculated": false,
      "calculatedFormula": null,
      "caseSensitive": false,
      "controllerName": null,
      "createable": true,
      "custom": false,
      "defaultValue": null,
      "defaultValueFormula": null,
      "defaultedOnCreate": false,
      "dependentPicklist": false,
      "deprecatedAndHidden": false,
      "digits": 0,
      "externalId": false,
      "filterable": true,
      "groupable": true,
      "htmlFormatted": false,
      "idLookup": false,
      "inlineHelpText": null,
      "label": "First Name",
      "length": 40,
      "name": "FirstName",
      "nameField": false,
      "namePointing": false,
      "nillable": true,
      "picklistValues": [],
      "precision": 0,
      "referenceTo": [],
      "relationshipName": null,
      "relationshipOrder": null,
      "restrictedPicklist": false,
      "scale": 0,
      "soapType": "xsd:string",
      "sortable": true,
      "type": "string",
      "unique": false,
      "updateable": true,
      "writeRequiresMasterRead": false

If you want more information about Johnny Appleseed, you will create a custom query to find a users’ name, email, and phone number:

curl,name,email,phone+from+Contact -H 'Authorization: Bearer YOUR_ACCESS_TOKEN'


{"totalSize":1,"done":true,"records":[{"attributes":{"type":"Contact","url":"/services/data/v42.0/sobjects/Contact/id"},"Id":"id","Name":"Jonny Appleseed","Email":"","Phone":"555-555-555"} ]}

The Johnny Appleseed example shows only name, email, and phone number to authenticate, push data to Salesforce, and retrieve data from Salesforce.

Disclosure: ProgrammableWeb's parent company is MuleSoft. Mulesoft was acquired earlier this year by Salesforce. The acquisition did not influence our choice to develop this tutorial. 

Original Article

How to build a basic Salesforce REST API Integration