0

I am trying to fetch records from a scratch org using the tooling API provided by salesforce and user access token. Lets say

accesstoken = "abcd"
url = "https://example.my.salesforce.com/services/data/v49.0/tooling/query?q=SELECT+Id,Name+FROM+Account"

I have used axios node module to make the API call as given below

    const options = {
        headers: {
            "Authorization": "Bearer " + accessToken,
            "Content-Type": "application/json"
        }
    };
    axios.get(url, options).then(response => {
        console.log(response.status);
        if(response.status == 200){
            console.log(response.data);
        } else {
            //do something else
        }
   });

The call responds with a status 200 i.e the request provided a response. But instead of correct records from Account object, I get the login html page

' Login | Salesforcehtml{visibility: hidden;}a{color:#0070d2;}body{background-color:#F4F6F9;}#content,.container{background-color:#ffffff;}#header{color:#16325c;}body{display: table; width:100%;}#content{margin-bottom:24px;}#wrap{height:100%;} html { visibility: hidden; } if (self == top) {document.documentElement.style.visibility = 'visible';} else {document.write = ''; top.location = self.location; setTimeout(function(){document.body.innerHTML='';}, 1);window.self.onload=function(evt){document.body.innerHTML='';};}var SFDCSessionVars={"server":"https://test.salesforce.com/login/sessionserver212.html","im":true,"ah":"active","save":"Save","saveOne":"Save 1 Change","sum":"#p# Saved Usernames","iaac":false,"hac":"Choose a Username","suo":"1 Saved Username","title":" | Salesforce","saveMany":"Save #p# Changes","lpt":"Login","lllbl":"Lightning Login","host":"test.salesforce.com","le":false,"heu":"Edit Username List","ic":false,"lh":false,"ur":"https://business-data-8148-dev-ed.cs79.my.salesforce.com","hidp":"Log In Using","ih":"inactive","dc":"Username removed. Click Save to Commit Changes."};LoginHint.hideLoginForm();Edit ListSaveCancel

UsernamePassword Caps Lock is on.Remember me
Forgot Your Password?To go to your company's login page, enter the custom domain name.

Custom Domainhttps://domain.my.salesforce.comContinueBackLog In with a Different Username© 2020 salesforce.com, inc. All rights reserved.<iframe frameborder="0" src="/s.gif" id="marketing" name="marketing" scrolling="no" title="Marketing" tabindex="-1"sandbox="allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts" >LoginLoginHint.getSavedIdentities(false);function handleLogin(){document.login.un.value=document.login.username.value;document.login.width.value=screen.width;document.login.height.value=screen.height;document.getElementById("Login").disabled=true;document.getElementById("login_form").submit();}function lazyload(){document.getElementById("pwcapsicon").src="/img/icon/capslock_blue.png";document.getElementById("marketing").src="https://c.salesforce.com/login-messages/promos.html";}loader();

'

Does anyone know what am I missing in here? According to salesforce documentation https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/dome_query.htm the accessToken in the header should be enough to make the API call.

Note: I gained the access token by running

sfdx force:user:display -u <username>
Improve this question
2

1 Answer 1

Reset to default
1
  1. Your query is wrong. You selected Tooling API service which is for metadata (info about classes, triggers, objects, fields, deployments, running unit tests...). If you want to query Accounts - that's normal data. Try just /services/data/v49.0/query?q=SELECT+Id,Name+FROM+Account

enter image description here

  1. I don't think you need Content-Type header in there. You don't POST anything. At best you can send Accept (application/json, application/xml)

  2. Are you sure the session id was valid? As in you could go to the org, Setup -> Session management, see it there? Or in the user's login history?

  3. It might be that your SF admin did something nasty like locking sessions down to IP from which they originated or maybe the user doesn't have API access... See if you can create your call in Workbench -> Utilities -> REST Explorer first, then go back to Axios?

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thank you for the suggestion. I've tried it all and they are all good. But I am still getting the login page in response.
Is there a way to see details of the network traffic? I don't know Axios but something like Chrome or Firefox's dev tools and Network tab. You probably are getting a HTTP 301/302 redirect and the url of the login page you end up on might have some error text in it. Something "thinks" it's normal web access, not api access. It's stupid but can you try setting a cookie header too? bit like salesforce.stackexchange.com/a/7584/799. Cookie is not needed in API calls but it helps if you want to screenscrape the SF internal pages for example...
I figured out the problem. Your suggestions were helpful. I later found out that there was a problem in my logic that was sending incorrect url for query;

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.