Using Paw To Work With Salesforce REST APIs for Mobile Backends

Paw, a REST client for the Mac, makes working with the Salesforce APIs easy. Here's how you configure it to handle authentication and multiple environments. Download the the config file now.

For the past 6 months or so, I have been doing most of my Salesforce development ‘off-platform’; in other words, using Salesforce more as an mBaaS for native iOS apps. The platform has a rich set of RESTful APIs that make building mobile apps really fast. I typically like to test my queries and REST calls separate from my app, until I know they are working correctly, before adding them to my xCode project. Workbench has been one of my goto tools for a long time. It is quick and easy. But I just didn’t dig the styling.

It’s just me – I like native apps, the more well designed the better. My favorite apps are tools like Sketch, Day One, The Hit List. They combine style and function amazingly well. It got me thinking, is there a tool as powerful as Workbench, but with a better design and interface? I am happy to share that they answer is a resounding yes. Paw is my new favorite tools for accessing the Salesforce REST APIs. (note: Paw is a third-party paid app. It provides a trial version if you want to check it out)

The first thing you need to do when working with Paw is to set up an environment and OAuth2 authentication. This took me a little bit to work out. Thankfully Paw lets you save configurations and share them. You can download mine, but let’s look at the steps you need to do:

1. Create a domain

Domains let you create a series of environment variables for constructing URLs and adding common headers for requests. For my configuration, I set the following:

2. Add Authorization header

Salesforce uses OAuth2 for authentication and authorization and passes the access token in a HTTP header. Paw does a great job of making the OAuth2 flow and injecting this access token header in a really creative way. From inside your domain, add a new header, Authorization and right right the header value section, then select Authorization-> OAuth2 Authorization. Fill in the following details:

Client ID: Add the client id from your connected app configured in salesforce

Client Secret: Add the client secret from your connected app configured in salesforce

Authorization URL: https://login.salesforce.com/services/oauth2/authorize

Access Token URL: https://login.salesforce.com/services/oauth2/token?format=urlencoded

Redirect URL: https://localhost

The trickiest part is the redirect URL. This url must match exactly the callback URL specified in your connected app. In salesforce, callback URLs must either be a HTTPS endpoint or a custom url scheme such as mobilesdk://success. Paw requires a public url as it introspects the response in the OAuth flow for the access_token. I have apache running on my mac so I set the callback URL to https://localhost, but you should be able to use just about any https endpoint that you manage. Once you have everything configured, click Get Access Token and authenticate with Salesforce.

With the access token now in the header, you can quickly create API calls by inheriting your domain settings.

There you go. Paw is now my go to tool for querying the Salesforce REST API. If you want to try it out, you can download my config here. All you need to do is add your client id and secret. I’ve just scratched the surface of what Paw can do though. It can even generate code to make calling these RESTful APIs for you, including support for Swift! Besides, how can you not love an app made by a company called LuckyMarmot? My inner hiker is happy.