Page Comparison

...

• Simple Object Access Protocol

• Web Service API

• Synchronous request response architecture

• XML

• Standards based

• WSDL (Web Service Description Language) (a package to define all the methods) needs to be downloaded and saved to the server.

  • The structure of the web services that clients can call

  • An XML file describing the endpoints.

  • A contract between the server and the client

  • Also defines the operations that Salesforce supports

  • And a definition of the data that will be passed back to the client

• System to system

• State maintained

• Supports gZip compression

• Built in security

  • OAuth or Session ID (OLD)

• Can build Custom SOAP Web Services

• Standard Salesforce WSDL

• SOA (Service Oriented Architecture) Callout (eg bring data into external systems)

  • Synchronous

• Web Service API

  • Anything referring to Web Service relates to SOAP.

• Custom Web Service is inbound

  • Your client application submits a service request to the Web Service via the API

• Callouts are outbound.

  • Callouts require a remote site setting.

  • The domains you want to allow communication to.

• Layers

  • Application Layer

    • HTTP, SOAP, SSL, FTP etc

  • Transport Layer

    • TCP, UDP

  • Internet Layer

    • IP, ICMP

  • Link Layer

    • Ethernet, DSL, PPP etc

  • Gee this is all stuff I learned in my university days in the early 90s

• Process

  • Insert records into Salesforce

  • Convert CSV data to XML

  • Send request for 200 records

  • Salesforce parses the request

  • Saves the records to the database

  • Return the success or failure response message to the client

  • This all happens synchronously.

  • Individual records be rolled back if exceptions.

    • Eg 198 records may be successful, 2 may have errors.

• First call passes the username and password

  •  Typically you will need to append the security token to the password unless your IP address has be added to the Org.

  • All subsequent calls pass the session ID that is returned from the successful authentication

  • See Documentation https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_calls_login.htm

...

• Loosely typed

• Can be used against any org (eg used by partners)

• Static - only changes based on API version?

REST

• Representational State Transfer

• Stateless

• Synchronous

• Higher performance

• URI over HTTPS

• “lower level on the networking stack” (dunno if it’s important, but it was repeated many times in a 2011 video)

• XML or JSON

• REST has in-built discovery of the available methods / endpoints

• Lightweight

• Security usually via OAuth

  • Old via Session ID

• Standard Salesforce endpoints on every object (Standard and Custom)

• Web service implementations

  • Expose your own APEX classes as REST Endpoints

• GET POST DELETE PATCH PUSH

• Process

  • Request header contains authorisation

    • OAuth Token or Session ID retrieved from authorising via username password and token authentication

  • The URI is the address it goes to

  • The data is stored in JSON

  • The http Method is POST eg

  • The http Response is produced by the server and returns JSON data

    • Can receive response in XML with an ACCEPT header

• Bulk API uses REST See https://tddprojects.atlassian.net/wiki/pages/createpage.action?spaceKey=SF&title=Salesforce%20APIs&linkCreation=true&fromPageId=1310556166

...