You need to sign in to do that
Don't have an account?
Middha
JWT Assertion - Summer 13 Issue
Hi,
I had a method which was fetching the access token for another Salesforce Org, using JWT assertion. It was working well till the Summer 13 update happened. Now I am getting "invalid client credentials" error, a bad request. Anyone else having the same issue, any workarounds?
Here is the code:
String username = 'abc@abc.com'; Long rightNow = (dateTime.now().getTime()/1000)+1; String claimSet = '{"iss": "' + CSetting.getSettingValue('Consumer Key', '') + '", '; claimSet = claimSet + '"prn": "' + username + '", '; claimSet = claimSet + '"aud": "https://login.salesforce.com", '; claimSet = claimSet + '"exp": "'+ (rightNow + 300) + '"}'; String header = '{"alg":"HS256"}'; String signatureInput = base64URLencode(blob.valueOf(header))+'.'+base64URLencode(blob.valueOf(claimSet)); String privateKey = CSetting.getSettingValue('Consumer Secret', ''); Blob signature = Crypto.generateMac('hmacSHA256',blob.valueof(signatureInput),blob.valueof(privateKey)); String jwt = signatureInput + '.' + base64URLencode(signature); String body = 'grant_type=' + encodingUtil.urlEncode('urn:ietf:params:oauth:grant-type:jwt-bearer','UTF-8')+'&assertion='+jwt; HttpRequest req = new HttpRequest(); req.setMethod('POST'); req.setEndpoint('https://login.salesforce.com/services/oauth2/token'); req.setHeader('Content-type', 'application/x-www-form-urlencoded'); req.setBody(body); Http http = new Http(); HTTPResponse res = http.send(req);
Salesforce support confirmed that they dont support HMAC algo anymore and we have to use RSA now.