Friday, April 24, 2015


OAuth (Open Authorization) is an open protocol to allow secure API authorization in a simple and standardized way from desktop and web applications. The platform implements the OAuth 2.0 Authorization Framework, so users can authorize applications to access resources (via the REST and SOAP Web Service APIs) or Chatter resources (via the Chatter REST API) on their behalf without revealing their passwords or other credentials to those applications. Alternatively, applications can directly authenticate to access the same resources without the presence of an end user.

In this blog, I will be specifying different steps which we need to perform in order to generate Access token for Salesforce org. We will be using 2 different developer org. In org 1, we will be writing all code to generate access token for another org.

In order to access token from different org and storing different required information, we will create custom object (External_Application__c) and create different fields mentioned below:

Field Label
Field Name
Data Type
Access Token
Text Area(255)
Application Name
Text(255) (Unique Case Insensitive)
Authorization Server Response
Long Text Area(32768)
Callback URL
Text Area(255)
Client ID
Text Area(255)
Consumer secret
Text Area(255)
Text Area(255)
Instance URL
Text Area(255)
Issued at
Text Area(255)
Outh Code
Text Area(255)
Text Area(255)
Salesforce Domain
Text Area(255)

Different steps involved in order to get access token:

Login to developer organization (org 2) for which you want to generate access token.
  1. Navigate to Setup Create Apps, and in the Connected Apps section, click New to create a new connected app and click Enable OAuth Settings to open the API section.
  2. Specify name (here I am specifying "Rest Playground"), check enable OAuth settings checkbox and specify callback URL (in my case- here xxx refer to domain name for example ap1,ap2 etc.
  3. You may leave “Selected OAuth Scopes” blank.
  4. Click on Save. You will get consumer key and consumer secret key. Copy these 2 keys values and store it in notepad.

Now login to developer organization (org 1) where you will be writing whole logic to find access
token for org 2.
  • Create a custom button "Refresh Access Token" in External Application object. 

  • Create a VF page “WebServerAuthentication” and apex class “WebServerAuthenticationController”.

  • Add custom button "Refresh Access Token"  to External Application page layout.
  • Create Remote Site Settings records. Specify domain name of org 2 for which you want to fetch access token.

  • Now create a External Application records. Specify consumer key (generated while creatin connected app in org 2) in client id field. Enter consumer secret and callback URL as present in connect app record in org 2.

Now we ready to generate access token which for org 2. Go to detail page of  record which you created. I have created record with name as "SunilKumar04".  Click on Refresh Access Token.
System will redirect you to salesforce login page. Enter the credential of org 2 for which you want access token. After logging, if system ask any permission then click on Allow button. After that you will be redirected to org 1 and you can see the response details on External Application record detail page.


  • If you are integrating 2 developer org, then create domain in your developer org and use domain URL  as endpoint URL in Httprequest.
  • You can connect to different org. Create different records in External Application object for different org.
  • For more detailed information on obtaing access token, please refere below URL


  1. Is it possible to get accesstoken without using any page?

  2. nice post too informative. looking and reading your points its so impressive. doing more blog like this. i really appreciated doing like this.
    salesforce training in chennai

  3. good article was really helpful

  4. Mudra Token Creator is the simplest way to create BEP-20 tokens. No coding is required, mint tokens instantly. Anti-whale mechanisms, transaction fee rewards, honeypot-free code, and hyper-deflationary mechanics with automated liquidity and buyback - are all best-in-class features included in the token generated. Mudra is also the most affordable platform. Not only that, but Mudra Token Creator provides free additional services such as setting up a liquidity pool. bsc liquidity lock