I have created a connected app in which I have selected the OAuth Scopes "Access and manage your data (api)" and "Full access (full)" through the consumer key and consumer secret that was available in the new connected app, I have generated an access token.
But when I send a new put request to the RestResource that I have created in my sandbox instance, with the header key as "Authorization" and value as "Bearer my_access_token" I am receiving the below error.
[
{
"message": "Session expired or invalid",
"errorCode": "INVALID_SESSION_ID"
}
]
the url to which I am sending the request looks like this
https://my_instance_url/services/apexrest/CustomerAccountSync
I tried changing the way I send access token by adding "OAuth" instead of "Bearer" in the header. But I am still receiving the same error response.
Can anyone please let me know why this is happening? I am using "Insomnia" to make the API call.
And you're sure you're sending to different endpoint? login call can go against generic login.salesforce.com or test.salesforce.com. But all requests after login need to use the instance_url that came back in the response, just like you have to use access_token from now on.
It'll be in https://mydomain.my.salesforce.com format so you need https://mydomain.my.salesforce.com.salesforce.com/services/data/v50.0/query?q=SELECT Id FROM Account
Bit more info how to test: https://stackoverflow.com/a/63255845/313628
Documentation: https://developer.salesforce.com/docs/atlas.en-us.api_iot.meta/api_iot/qs_auth_access_token.htm (it's from different REST API but same idea applies)