Salesforce REST API logout

1
votes

Is there a Salesforce endpoint to logout a session (not involving oauth?).

For example, I have a python script that logged in via the REST API using the username, password, security token method (I am using simple_salesforce for this). simple_salesforce does not provide an inbuilt way to logout. Instead, according to the developer, logging out should be our responsibility: https://github.com/heroku/simple-salesforce/issues/35

In the url above, it recommends we hit the salesforce revoke endpoint as described here: https://help.salesforce.com/HTViewHelpDoc?id=remoteaccess_revoke_token.htm&language=en_US

However, as I mentioned before, I used the username, password, security token method to login, not the oauth. Assuming, I cannot use the oauth way to login, what url/endpoint do I need to hit to logout the session?

Thanks!

1
pythonsalesforce

1 Answers

2
votes

Answering my own question. Perhaps this may be helpful to anyone else.

When using the username, password, security-token method instead of oauth to login, you still use the oauth revoke endpoint to logout. As shown in Salesforce documentation (https://help.salesforce.com/apex/HTViewHelpDoc?id=remoteaccess_revoke_token.htm&language=en), the revoke endpoint has the following url: https://login.salesforce.com/services/oauth2/revoke?token=currenttokenID

The token we will hit the endpoint with is actually our session_id. So, in simple_salesforce, once we have created the sf object as follows

sf = Salesforce(username='[email protected]', password='password', security_token='token')

we get the session id by sf.session_id.

Now to hit the endpoint we can use requests (which is already there in the sf object)

payload = { "token": sf.session_id }
url = 'https://test.salesforce.com/services/oauth2/revoke'
r = sf.request.get(url, params=payload)
if r.status_code == 200:
  #successfully logged out, good to go!
else:
  #uh-oh, something went wrong. check it out

Hope this helps!