"Session expired or invalid","errorCode":"INVALID_SESSION_ID" while making REST call via cURL

  • I'am trying to make a REST call via cURL with the credentials I have. But I get an error message saying INVALID_SESSION_ID. Below you can find the call I'am trying to make which consists of my Access token. I'am new to salesforce development, so, I'am trying the basic calls for testing. But, I face some difficulties in achieving it. It would be great if I get some help I got my access token via cURL using the username and password

    REST CALL in cURL: curl https://eu11.salesforce.com/services/data/v26.0/ 
    -H "Authorization:Bearer 00D0Y000001LM4L\!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFpBnQlV8HuSIgvTXx2.5edpKOTC1J2KMyp_WC8s1r1dXRncej9fmlh"

    I use windows and my instance URL was https://eu11.salesforce.com

    The session token can finish by default after 2 hours if it isnt use. You need to refresh the session token

    It seems that ! (exclamation mark) needs to be encoded by \ character in case if you use double quotes in request. I did that, and I am able to connect on my machine. Just replace ! by \! .

    I refreshed the token and tried it , but still getting the same error

    Single quotes instead of double?

    I added the escape character before the exclamation mark and passes the token as Bearer 00D0Y000001LM4L\!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFpBnQlV8HuSIgvTXx2.5edpKOTC1J2KMyp_WC8s1r1dXRncej9fmlh and I still get the same error

    I tried single quote, but it addes the line "Couldn't resolve host '00D0Y000001LM4L\!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFpBnQlV8HuSIgvTXx2.5edpKOTC1J2KMyp_WC8s1r1dXRncej9fmlh'"

    With respect to refreshing token, I have set my expirt time as 24 hours and getting a new security token each time and getting the new access token everyday via cURL (I use username and password flow for authenticating)

    Try using a google chrome extension such as Postman and use access token, retrieved in CURL, to make API call. If it goes through that means there is some issue with Access token, otherwise something with your API call. Also setup debug logs in Salesforce with respective user to see if Salesforce throws any exception.

  • Escaping the Session ID or Using Single Quotes on Mac and Linux Systems When running the cURL examples for the REST resources, you may get an error on Mac and Linux systems due to the presence of the exclamation mark special character in the session ID argument. To avoid getting this error, do one of the following:

    • Escape the exclamation mark (!) special character in the session ID by inserting a backslash before it (!) when the session ID is enclosed within double quotes. For example, the session ID string in this cURL command has the exclamation mark (!) escaped:


    • Enclose the session ID within single quotes. For example:

    'Authorization:Bearer 00D0Y000001LM4L!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFpBnQlV8HuSIgvTXx2.5edpKOTC1J2KMyp_WC8s1r1dXRncej9fmlh'

    Therefore, the last line of code in this answer should resolve your issues.

    UPDATE - Command To Use

    curl eu11.salesforce.com/services/data/v20.0 -H 'Authorization:Bearer 00D0Y000001LM4L!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFp‌BnQlV8HuSIgvTXx2.5ed‌pKOTC1J2KMyp_WC8s1r1‌dXRncej9fmlh'


    curl eu11.salesforce.com/services/data/v20.0 -H "Authorization:Bearer 00D0Y000001LM4L\!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFp‌BnQlV8HuSIgvTXx2.5ed‌pKOTC1J2KMyp_WC8s1r1‌dXRncej9fmlh"

    Hello, I tried with both of these changes you said but there is still an error saying that the token is not valid. Do you think will there be anyother issue?

    I am assuming the answer has resolved your INVALID_SESSION_ID error and you are now referring to a totally different error? If so, I am not sure what this error is and you would best opening a new ticket with your current setup (with amendments made) and the new error message.

    To be clear, 1)when I use escape symbol and double quotes the error is Invalid token 2) When I do not use escape symbol and put it in single quotes i get an error saying that it is an invalid token and cannot resolve host '00D0Y000001LM4L!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFpBnQlV8HuSIgvTXx2.5edpKOTC1J2KMyp_WC8s1r1dXRncej9fmlh'

    Smith, I enclosed the session id in single quotes and tried and i still get the same error . You can see the exact cURL command below curl https://eu11.salesforce.com/services/data/v20.0/ -H 'Authorization:Bearer 00D0Y000001LM4L!AQgAQDyx9qacxzMxrtUP3OfIQspHy3cNkDypLQGwraFpBnQlV8HuSIgvTXx2.5edpKOTC1J2KMyp_WC8s1r1dXRncej9fmlh'

    Also, in your answer you said to use double quotes while using escape character... "Escape the exclamation mark (!) special character in the session ID by inserting a backslash before it (!) when the session ID is enclosed within double quotes". When I try this, I still get the same error

    Smith, thanks for your updated answer. Unfortunately, I get the same error with both the commands

    The trailhead suggests the following syntax. curl https://yourInstance.salesforce.com/services/apexrest/Cases/ -H 'Authorization: Bearer ' -H 'X-PrettyPrint:1' I found, on my windows PC, that the double quotes were required around Authorization. curl https://yourInstance.salesforce.com/services/apexrest/Cases/ -H "Authorization: Bearer " -H 'X-PrettyPrint:1' This worked for me. Thanks to Upender at Salesforce support.

  • I was able to resolve the issue with the following:

    1) My instance was wrong. So, I replaced eu11 with na11 which was correct

    2) I did not escape !. I just gave my access token in the curl command and it worked

    3) I used username-password flow to get my access token. So, there was no chance to get refresh token. But the access token will be valid until we work with it. So, I created a new connected app and set its session validity to 24 hours which helped me to test the stuffs within that time.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM