function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

renew access token in angular cli (web browser) (either with or without refresh token)


I have implemented an angular cli app which is currently running in localhost and I have several connections to Salesforce instances. I am using oauth2 to authorize the app. Currently I am getting the refresh token to the app and when the access token expires I renew it with the refresh token.
Here I hit a CORS issues:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS header 'Access-Control-Allow-Origin' missing).
The funny thing is that I can see in the network tab that it makes the call and it returns me the new access token but in the console I get error:
ERROR_HTTP_400: Access Declined

I am using jsforce with the proxyUrl setting for the connection but still getting the error.
I get the same error if I make a direct http call and not using jsforce.
It works for other authenticated calls, in those I don't get the CORS issue.

Any idea how to fix this ?

If I don't have the refresh token (implicit flow), how do I renew the access token ? It would be better not to have the refresh token in the browser but I couldn't figure out any other way of getting a new access token when it expires.

Does Salesforce support silent authentication like described here: