Can i Get JSON Response just using Session ID in salesforce?

Question

I have a situation where salesforce is connected with third party application and from Salesforce Community portal when a user clicks on a button we need to send session ID of that community user.

With that session ID the third part should make a REST call to the salesforce and an REST Apex class should run the HTTP GET method and return Contact details in the JSON response. IS this possible ?

Note: we won't be having all the community users Username and password for any sort of authentication , when any of the community user login and click the button, at that time we are just sending the Session ID of that user to that third party app in the REST API body. and the third party will only have session ID related to that user and with that session ID they should be able to GET contact details of that community user as response.

Answer 1

Rav, you could retrieve the session Id in Apex using System.UserInfo.getSessionId() and send that to the third party system. That system then can add the value to a HTTP header Authorization: Bearer TheSessionId.

However.... you might rethink that approach - depending on how much control you have over that backend system. When you prepare the call out from Apex, you already have access to the user details. Why not provide them in the initial JSON? Even if the system needs to call back later (where you want the session id) providing the user details upfront will save you a network call.