Activity Forums Salesforce® Discussions Explain Web Server Authentication Flow Implementation in Salesforce.

Tagged: , , , ,

  • Salesforce® Discussions

    Explain Web Server Authentication Flow Implementation in Salesforce.

    Posted by R on January 20, 2019 at 8:09 am

    I am trying to implement Web Server OAuth flow from one Salesforce Org to another. I am facing several errors while trying to do so. Also I have few generic questions also at the end.

    Below are the errors I am facing:

    Access token received as part of the authorize step is returning Session expired or invalid message when being used to hit custom rest api

    On trying to add scope to the authorize step, like scope=web or scope=refresh_token , it throws the error: OAUTH_APPROVAL_ERROR_GENERIC

    I checked the session settings but validity for access tokens is not an issue there.

    Below are the generic questions related to integration and connected app.

    In case of web server flow, how is security model of salesforce taken care of. Does it mean in this flow one would have access to all data if the app has full data scope?

    I understand Authentication happens first then followed by authorization. But the very first step in this flow is the authorize step. Does it mean we have authorization happening first in this case?

    R replied 5 years, 9 months ago 2 Members · 2 Replies
  • 2 Replies

  • Jade

    Member
    February 6, 2019 at 9:30 am

    It seems like there is some problem with your connected app settings.

    Can you please try with a fresh token ?

  • R

    Member
    February 7, 2019 at 3:26 am

    Do you mean to retry the flow. Every time I initiate the flow I get a fresh token. It still won't work.

Log In to reply.

Popular Salesforce Blogs

Popular Salesforce Videos

Report

Harassment or bullying behavior
Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Mobile App Reported Contents
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .