See here for an Overview of the API


The first step, before calling any RightsZone API, is to authenticate the underlying Salesforce API. Authenticating against Salesforce's endpoint can be done in one of two ways:


  • Using clientId, client secret, username, password and security token
  • or using oauth*

*However, RightsZone only supports the username and password authentication flow

Before starting.....

Make sure that the password flow is activated in your org (this is used by the RZ API app so needs to be enabled in the OAuth settings (see screenshot below). 

 

image

 

The Salesforce release note that explains this is located here: https://help.salesforce.com/s/articleView?id=release-notes.rn_security_username-password_flow_blocked_by_default.htm&release=244&type=5

 


Enter the following details to authenticate RightsZone on Salesforce:

URL:

Method: Post
URL: as below....


For sandboxes:
https://test.salesforce.com/services/oauth2/token
your_unique_domain (your RightsZone contact can confirm this as it will be different from what you see on the UI) followed by sandbox.my.salesforce.com/services/oauth2/token

 

e.g. https://uniquedomain--sbname.sandbox.my.salesforce.com/services/oauth2/token

 

For live orgs:
https://login.salesforce.com/services/oauth2/token
your_unique_domain (your RightsZone contact can confirm this as it will be different from what you see on the UI) followed by .my.salesforce.com/services/oauth2/token

 

e.g. https://uniquedomain.my.salesforce.com/services/oauth2/token


Input:

Content-type: application/x-www-form-urlencoded

Body:

  • grant_type: password
  • client_id:3MVG9I5UQ_0k_hTnAgYPAbMxTGLlQyil2vk0PRlpqG0BCnZKv7.E_lJODzs2mDjr.EvuIWA1PE.i6b5WlfbxU
  • client_secret:FC499445AF156E1D0825A751C04847086ED86CA89C6C22941673684274486C81
  • username:your_rightszone_user_name (note this may be different to your email address)
  • password: your_password + your_securityToken


Output:

  • Status: 200
  • The response is sent in the body
  • The access_token is what you need for subsequent calls to the API
  • The instance_url is the URL to use in subsequent calls to the API (this must replace test.salesforce.com OR login.salesforce.com OR your unique domain)


{

    "access_token": "00D2z0000008l2S!AQMAQIu0JppEUivrjmNBCQXsoo0juG17B5kdbFDexRZh_XI4nFuG.gl9APZILbwCK7U76A8Hrp0hGxGklm3ab_F2DVmw6yFQ",

    "instance_url": "https://ribbonfish-9355--testorg.cloudforce.com",

    "id": "https://test.salesforce.com/id/00D2z0000008l2SEAQ/0054K000002oVGYQA2",

    "token_type": "Bearer",

    "issued_at": "1612956411146",

    "signature": "tgnxSW6utT8DJ4crCxQyPrek6GRtV75f01A+bYE0KKU="

}

Example in Postman

Authenticate to RightsZone


See here for further information:

Calling the RightsZone API

Create Project

Create Project & Component