function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
JPAJPA 

Connected app - Bad request on requesting new token

Hi,

We have been facing a problem with the refresh token flow. 
From time to time, we are getting a bad request response (HTTP Status code 400) when requesting a new token. This problem goes away if we execute 2 or 3 more times this request.
We are using the "Refresh token is valid until revoked" setting, so we can make sure we don't have any problems with this mechanism.

This is the request we are performing: 
POST /services/oauth2/token HTTP/1.1 Host: login.salesforce.com/ grant_type=refresh_token& client_id=<client_id>&client_secret=<client_secret>&refresh_token=<refresh_token>
Could you help me understand if there is any configuration missing?


 
VinayVinay (Salesforce Developers) 
Strange not sure how this will go after 2 or 3 request execution.  Check below link that gives more details of above scenerio.

https://help.salesforce.com/articleView?id=000313919&type=1&mode=1

Hope this helps..

Thanks,
AnudeepAnudeep (Salesforce Developers) 
I recommend making a call using the Postman tool to Investigate this further 

When the session ID or OAuth token used is expired or is invalid, it gives a 401 error

Whereas, when we are using a "refreshToken" to authenticate, user is not logged in yet. So when refresh token or client secret or client Id etc, anything is incorrect, we will get a HTTP 400 BAD request.

A refresh token is not to be confused with an  OAuth token. OAuth Token here means the access token - we get after successful login.

Sample request with invalid access token (Following is an example)

https://vaibhavkaushik-dev-ed.my.salesforce.com/services/data/v44.0/query/?q=select+id+from+account -H 'Authorization: Bearer 00D28000001HXcj!AQkAQEG90CiBEC4kQh62z4Y.VfJSlcdu_gWX4DFHyi3UNtLmU.vMpkj_NojQCtLK2Wncbtq93AUjEKhJvJLBqFemKzfrkESx'

Status: 401 Unauthorized

[
{
"message": "Session expired or invalid",
"errorCode": "INVALID_SESSION_ID"
}
]


Sample request when client secret(7383516191802996352) is Invalid, but a Valid refreshtoken
https://login.salesforce.com/services/oauth2/token?grant_type=refresh_token&client_id=3MVG9ZL0ppGP5UrCuWee4wUo9JDWBU57R.meULq4jwZJJG_lCDg9b91Jqa0zBCTuSwfjFYDVS38Da2q_WOVsQ&client_secret=7383516191802996352&refresh_token=5Aep861TSESvWeug_yKmRM1J.tNEKQRpc9OQ9ErwXMSupqu8M51k_DwygI5LMk.OYz3BGSxAbqzTQ8fws0x3TVd

Status: 400 Bad Request
{
"error": "invalid_client",
"error_description": "invalid client credentials"
}


client secret should be: 7383516191802996351

401 is seen only when an invalid or expired Access Token or Session Id is used to make requests. And 400 is seen when the request to authenticate itself is invalid.
 
JPAJPA
It seems I was misled by this odd behavior.
Actually, I'm consistently getting the following error message:

{ "error": "invalid_grant", "error_description": "expired access/refresh token" }

However, there's no reason for this. These are my configurations:
User-added image

and: 

User-added image

what might be causing this problem?


 
JPAJPA
Let me just add that this refresh_token was valid a few days ago and we were not facing any problem.
Shubham Jadhav 70Shubham Jadhav 70
Hi,
You can refer to article below : 
https://salesforceidiot.blogspot.com/2023/05/how-to-create-connected-app-and-get.html