REST API using SessionId throws “not valid for use with the REST API” for Community users

Following are the steps I am doing:

  1. Get the Salesforce Session ID through SAML Handshake using SAML attributes
  2. Trigger REST API using that session ID

curl https://my-communities.force.com/services/data/v20.0/query/soql_query_here -H “Authorization: Bearer SessionIDHere”

Curl call to the API responds with an error

[{“message”:”This session is not valid for use with the REST API”,”errorCode”:”INVALID_SESSION_ID”}]

Note:

  • The issue is specific to Community users
  • The issue started happening after 30th Nov 2017
  • This has nothing to do with OAuth flow

I am not sure anything has changed from settings or from Salesforce release side, any help with this.

Answer

You need to do a small change in the SAML custom attribute

Modify the $API.Session_Id attribute to $User.EmptyFormula__c & $Api.Session_ID where $User.EmptyFormula__c is a formula field on user with value

When this is the case we first evaluate $User.EmptyFormula__c and set Entity Id.
*$User.EmptyFormula__c can be any formula, just so long as it’s evaluated before $Api.Session_ID”

detailed here

Attribution
Source : Link , Question Author : karthikselva , Answer Author : Sachin

Leave a Comment