salesforce rest api INVALID_SESSION_ID error

Question

I am using salesforce rest api to access the salesforce account from my rails app.I created a remote access app and got the key N the id. I was able to authenticate the user and get the auth_token, instance url and all that. But, when I send request at "instance_url/services/data/v20.0" along with the access token , I get this error:

[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]

I have a developer salesforce account and have API enabled true for every profile, except for the "Authenticated website" profile(which is not accessible).

Please, can anybody help me with this?

I'm authenticating the user with following request

HTTParty.post "login.salesforce.com/services/oauth2/token";, :body=>{"grant_type"=>"authorization_code","code"=>"abc}","client_secret"=>"abc"‌​, "client_id"=>"abc","format"=>"json","redirect_uri"=>"localhost:3000/salesforce/callback";}

which is returning signature, id, instance_url, issued_at, access_token and refresh_token

HTTParty.get "ap1.salesforce.com/services/data/v20.0";, :headers=>{"Authentication"=>"OAuth access_token", "Content-Type"=>"application/json"}

which responds with

[{"errorCode"=>"INVALID_SESSION_ID", "message"=>"Session expired or invalid"}]

Answer 1

How are you passing the sessionId to the /services/data/v20.0 request?, if your access_token is abc123 then you need a http header of Authorization: OAuth abc123 in the request.

Answer 2

API session in salesforce expires regardless if there are activities or not. to set the duration of each session go to Setup > Administration Setup > Security Controls > Session Settings>

the max is 8hours.

cheers!