Activity Forums Salesforce® Discussions Explain Web Server Authentication Flow Implementation in Salesforce.

  • Explain Web Server Authentication Flow Implementation in Salesforce.

    Posted by R on January 20, 2019 at 8:09 am

    I am trying to implement Web Server OAuth flow from one Salesforce Org to another. I am facing several errors while trying to do so. Also I have few generic questions also at the end.

    Below are the errors I am facing:

    Access token received as part of the authorize step is returning Session expired or invalid message when being used to hit custom rest api

    On trying to add scope to the authorize step, like scope=web or scope=refresh_token , it throws the error: OAUTH_APPROVAL_ERROR_GENERIC

    I checked the session settings but validity for access tokens is not an issue there.

    Below are the generic questions related to integration and connected app.

    In case of web server flow, how is security model of salesforce taken care of. Does it mean in this flow one would have access to all data if the app has full data scope?

    I understand Authentication happens first then followed by authorization. But the very first step in this flow is the authorize step. Does it mean we have authorization happening first in this case?

    R replied 3 years, 7 months ago 2 Members · 2 Replies
  • 2 Replies
  • Jade

    February 6, 2019 at 9:30 am

    It seems like there is some problem with your connected app settings.

    Can you please try with a fresh token ?

  • R

    February 7, 2019 at 3:26 am

    Do you mean to retry the flow. Every time I initiate the flow I get a fresh token. It still won't work.

Log In to reply.

Popular Salesforce Blogs

Popular Salesforce Videos