You need to sign in to do that
Don't have an account?
OAuth Prompt user to login to solve multiple active salesforce sessions
Hi,
How can I force a user logging in with OAuth to be prompted for login instead of automatically authorizing the user. The problem comes when a user has multiple active browser sessions and has already 'allowed' the app previously to access the site.
If I'm logged into my dev org and pr
I'm using the web server authentication flow - using the following URL:
* I've tried using immediate=false, but that makes no difference once the user has 'allowed' the app access.
* I've tried using https://login.salesforce.com/setup/secur/RemoteAccessAuthorizationPage.apexp instead of the normal https://login.salesforce.com/services/oauth2/token - this does force a prompt but then it gives me an 1800 error, whatever that is - i think that URL is for OAuth 1.0 (??).
Aside from being difficult when developing (since I'm logged into 1 org, and want to authenticate against another org), I think users will get confused if they are automatically logged into an org, even if they have previously allowed the app through. Also, it seems kind of random which org the user is logged into, which I wonder if this is a bug or by design?
Thanks
p.s. i love that the spell checker suggests 'salesrooms' for salesforce!
Ben
Bump...
Afraid I still haven't found any solutions for this. Anyone?
thanks
ben
Bump!
I am hitting the same situation :(
I am trying to login from diffrent orgs and storing the access tokens received, so i can switch the user in my app, to obtain data for different org.
p.s. sorry Ben if you received a notification, and got excited thinking you received an *actual* reply!
Actually, this problem seems to be fixed now. See http://help.salesforce.com/help/doc/en/remoteaccess_oauth_web_server_flow.htm, I believe this is a new feature and didn't exist when I asked this question.
prompt—Specifies how the authorization server prompts the user for reauthentication and reapproval. This parameter is optional. The only values Salesforce supports are:
It is valid to pass both values, separated by a space, to require the user to both log in and reauthorize. For example:
Cool!
Thanks Ben.
I will give it a shot right away!