Fonteva Integration

Expired authorization code error immediately

I’m trying to connect my staging server to the Salesforce sandbox via OAuth. The exact same code (written by my predecessor) is running on the production server connecting to Salesforce production. Both servers are clones of each other; the only difference is the OAuth credentials. I’m running the code to retrieve a token, but getting an error:

[error] => invalid_grant [error_description] => expired authorization code

Request for auth:
https://test.salesforce.com/services/oauth2/authorize?scope=full&state=fdf0…067e&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2FDOMAIN%2Foauth%2Fsalesforce&client_id=3MVG…kR8m

After authentication/authorization, Salesforce redirects back to my staging site:

https://DOMAIN/oauth/salesforce/?code=aPrx…IA%3D%3D&state=fdf0…067e

Here we successfully verify the state, then submit the authorization code to get the token.

Request for token:

https://test.salesforce.com/services/oauth2/token?client_id=3MVG…kR8m&client_secret=D59D…A0D7&redirect_uri=https%3A%2F%2FDOMAIN%2Foauth%2Fsalesforce&grant_type=authorization_code&code=aPrx…IA%3D%3D

Response:

( [error] => invalid_grant [error_description] => expired authorization code )

I’ve compared the sandbox Connected App’s settings to its counterpart in production countless times; the token is not set to immediately expire. Salesforce support also confirmed that my settings are the same. I also relaxed IP restrictions.

The authorization URL request works appropriately, so my ID/secret appear to be valid, although I’ve double-checked them. I even created a new connected app which produced the same results.

Thanks!

Santosh Joshi 11
Based on the information you provided, it seems you have already checked the most common causes of the "invalid_grant" and "expired authorization code" errors. However, there are a few more things you can investigate to resolve this issue:
  1. Time synchronization: Ensure that the system time on your staging server is synchronized with an NTP server. OAuth flows are often time-sensitive, and an incorrect system time might lead to token expiration issues.
  2. Revoke previous tokens: In Salesforce, you can navigate to "Connected Apps OAuth Usage" and check if there are any existing tokens for the staging server. If you find any, try revoking them and re-running the OAuth flow.
  3. Double-check the callback URL: Ensure that the callback/redirect URL is correct in both the Connected App settings in Salesforce and the OAuth request on your staging server. A mismatch between these URLs can cause issues in the OAuth flow.
  4. Inspect the requests: Compare the requests made from the staging server to those made from the production server. You can use tools like Postman or cURL to investigate and ensure that the requests are identical except for the credentials. This may help you identify any discrepancies in the requests causing the issue.
  5. Check the code for hard-coded values: Review the code responsible for the OAuth process and look for any hard-coded values that may be causing issues on the staging server. Make sure that the code is using the correct OAuth credentials and URLs for the staging environment.
  6. Test the flow using another tool: Use a tool like Postman to manually perform the OAuth flow with your Salesforce sandbox credentials. This can help you verify whether the issue is related to your staging server or the Salesforce sandbox.
If you still face issues after investigating these suggestions, it might be necessary to contact Salesforce support again with the additional information gathered during these tests. They may be able to provide more insights based on their internal logs and further assist you in resolving the issue.
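
Items 3 and 4 of the answer above (matching callback URL, comparing requests), sketched as an added example that is not part of the original thread or of anyone's production code. The host `staging.example.test`, the client ID, the code and all function names are constructed for illustration; the choice of which fields to compare is an assumption about what is worth checking.

```python
from urllib.parse import urlsplit, parse_qs

SENSITIVE = {"client_id", "client_secret", "code"}  # never log these in full

def params(url):
    """Decode the query string once, the way the receiving server does."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {name: values[0] for name, values in query.items()}

def redact(name, value):
    return value[:4] + "..." if name in SENSITIVE else value

def check_flow(authorize_url, callback_url, token_url):
    """Findings for one authorization-code round trip (empty list = consistent)."""
    auth, cb, tok = params(authorize_url), params(callback_url), params(token_url)
    findings = []
    if urlsplit(authorize_url).netloc != urlsplit(token_url).netloc:
        findings.append("authorize and token requests use different hosts")
    for name in ("client_id", "redirect_uri"):
        if auth.get(name) != tok.get(name):
            findings.append(f"{name} differs between authorize and token request")
    if auth.get("state") != cb.get("state"):
        findings.append("state on callback does not match the one sent")
    if cb.get("code") != tok.get("code"):
        findings.append("code sent to token endpoint differs from code received")
    return findings

def diff_requests(url_a, url_b, ignore=("client_id", "client_secret", "code", "state")):
    """Parameters that differ between two environments, credentials ignored."""
    a, b = params(url_a), params(url_b)
    return {name: (redact(name, a.get(name, "<absent>")), redact(name, b.get(name, "<absent>")))
            for name in sorted(set(a) | set(b))
            if name not in ignore and a.get(name) != b.get(name)}

# Constructed sample requests (placeholder host, client_id and code).
CB_URI = "https%3A%2F%2Fstaging.example.test%2Foauth%2Fsalesforce"
AUTHORIZE = ("https://test.salesforce.com/services/oauth2/authorize"
             f"?response_type=code&client_id=CONSTRUCTED_ID&state=s123&redirect_uri={CB_URI}")
CALLBACK = "https://staging.example.test/oauth/salesforce/?code=abcd%3D%3D&state=s123"
TOKEN = ("https://test.salesforce.com/services/oauth2/token?grant_type=authorization_code"
         f"&client_id=CONSTRUCTED_ID&redirect_uri={CB_URI}&code=abcd%3D%3D")
TOKEN_REENCODED = TOKEN.replace("abcd%3D%3D", "abcd%253D%253D")  # code encoded twice

if __name__ == "__main__":
    print(check_flow(AUTHORIZE, CALLBACK, TOKEN))
    print(check_flow(AUTHORIZE, CALLBACK, TOKEN_REENCODED))
```

Feed it the URLs captured from the staging and production logs; every value is compared after a single URL-decode, so a code or redirect URI that was encoded twice shows up as a mismatch even when the raw strings look alike.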