Patrick Mallahan
OAuth2 JWT issues
I'm having a problem getting the test api login to grant me an access_token. I am POSTing my request to https://test.salesforce.com/services/oauth2/token and here is my Request Header, I shortened the assertion value for brevity:
POST https://test.salesforce.com/services/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Host: test.salesforce.com
Content-Length: 415
Expect: 100-continue
Connection: Keep-Alive

grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3[ ... ]ODMzN30.OE8FouPsqAXudnKgSZ0NeWnVjA1LYPtLgk4GXMx2kno

Every time I submit this, I'm getting the following Response:
HTTP/1.1 400 Bad Request
Date: Mon, 15 Sep 2014 19:12:19 GMT
Set-Cookie: BrowserId=SntionWLRSa0UEsXlzz--g;Path=/;Domain=.salesforce.com;Expires=Fri, 14-Nov-2014 19:12:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

4A
{"error_description":"expired authorization code","error":"invalid_grant"}
0

This is being written in C# .NET 4.5.1 using the JSON Web Token Handler provided by Microsoft:
using System;
using System.Collections.Generic;
using System.Globalization;
using System.IdentityModel.Tokens;
using System.Net;
using System.Net.Http;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;

// Posts the JWT bearer grant to the token endpoint.
public async Task Login()
{
    var token = GetAuthToken();
    const string uri = "https://test.salesforce.com/services/oauth2/token";

    var httpWebRequest = (HttpWebRequest)WebRequest.Create(uri);
    var authRequest = new HttpClient();
    var authContent = Uri.EscapeDataString("urn:ietf:params:oauth:grant-type:jwt-bearer");
    var authToken = Uri.EscapeDataString(token);
    WebResponse response = null;

    try
    {
        var responseMessage = await authRequest.PostAsync(uri,
            new StringContent(string.Format("grant_type={0}&assertion={1}", authContent, authToken),
                Encoding.UTF8, "application/x-www-form-urlencoded"));
        var test = "test";
    }
    catch
    {
        throw;
    }
    finally
    {
        if (response != null)
        {
            response.Close();
            response = null;
        }
    }
}

// Builds the JWT assertion and signs it with HMAC-SHA256 using a shared key.
private static string GetAuthToken()
{
    var securityKey = GetBytes("security key I was provided");
    var tokenHandler = new JwtSecurityTokenHandler();

    // Milliseconds since the Unix epoch, plus 6000; used as the exp claim below.
    var now = DateTime.UtcNow.ToUniversalTime().Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds + 6000;

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new List<Claim>
        {
            new Claim("iss", "my client id"),
            new Claim("aud", "https://test.salesforce.com"),
            new Claim("prn", "user@domain.com"),
            new Claim("exp", now.ToString(CultureInfo.InvariantCulture))
        }),
        AppliesToAddress = "https://test.salesforce.com",
        TokenIssuerName = "my client id",
        SigningCredentials = new SigningCredentials(
            new InMemorySymmetricSecurityKey(securityKey),
            "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
            "http://www.w3.org/2001/04/xmlenc#sha256")
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    return tokenHandler.WriteToken(token);
}
Any ideas or suggestions would be greatly appreciated.
Did you ever figure this out?
Thanks,
Simba
I wrote in detail about it here - https://mannharleen.github.io/2020-03-03-salesforce-jwt/
That should help you solve the error.
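
An added example, not part of the thread or any poster's code: a pre-flight check that decodes a JWT bearer assertion and lists problems before it is sent to the token endpoint. The RS256 and seconds-based `exp` expectations come from Salesforce's JWT bearer flow documentation rather than from this thread; the function names, the 180-second window, the clock value and both sample tokens are constructed assumptions.

```python
import base64, json, time

def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def lint_assertion(jwt, expected_aud, now=None, expected_alg="RS256", max_lifetime_s=180):
    """List problems in a bearer assertion; the signature itself is not verified."""
    now = time.time() if now is None else now
    try:
        head, body, _sig = jwt.split(".")  # wrong part count raises ValueError too
        header, claims = _b64url_json(head), _b64url_json(body)
    except ValueError:
        return ["not a compact JWT with base64url JSON header and payload"]
    problems = []
    if header.get("alg") != expected_alg:
        problems.append("alg is %r, expected %r" % (header.get("alg"), expected_alg))
    if not claims.get("iss"):
        problems.append("iss (client id) is missing")
    if not (claims.get("sub") or claims.get("prn")):
        problems.append("subject claim (sub or prn) is missing")
    if claims.get("aud") != expected_aud:
        problems.append("aud is %r, expected %r" % (claims.get("aud"), expected_aud))
    exp = claims.get("exp")
    if isinstance(exp, str):
        problems.append("exp is a JSON string, not a number")
    try:
        exp = float(exp)
    except (TypeError, ValueError):
        return problems + ["exp is missing or not numeric"]
    if exp > 1e11:  # seconds since the epoch stay below 1e11 until the year 5138
        problems.append("exp looks like milliseconds, not seconds")
    elif exp <= now:
        problems.append("exp is already in the past")
    elif exp - now > max_lifetime_s:
        problems.append("exp is more than %d s ahead" % max_lifetime_s)
    return problems

def make_unsigned(header, claims):
    """Build a constructed sample token with a dummy signature, for linting only."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return "%s.%s.sig" % (enc(header), enc(claims))

NOW = 1410808339  # constructed clock value for the samples
AUD = "https://test.salesforce.com"
BAD = make_unsigned({"typ": "JWT", "alg": "HS256"}, {
    "iss": "my client id", "aud": AUD, "prn": "user@domain.com", "exp": NOW * 1000 + 6000})
GOOD = make_unsigned({"typ": "JWT", "alg": "RS256"}, {
    "iss": "my client id", "aud": AUD, "sub": "user@domain.com", "exp": NOW + 120})
```

`lint_assertion(BAD, AUD, now=NOW)` reports the HS256 header and the millisecond-scale `exp`; `lint_assertion(GOOD, AUD, now=NOW)` returns an empty list.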