Apex Code Development You need to sign in to do that
Don't have an account?
Lewis John Expired Authorization Code, Unknown Refresh Token
I am testing OAuth integration with my App. Everything was going fine until over the weekend I lost my refresh tokens for my test accounts.
Now I am receiving this error:
{"error":"invalid_grant","error_description":"expired authorization code"}
The redirect back returns a code. This code never changes. However, this code is deemed expired once I try to request an access token and refresh token. I imagine this is because the initial access token has expired and I need to use the refresh token to gain a new one. However, I do not have access to the original refresh tokens.
My question is, how to I reset this whole thing? I have tried the following in all possible combinations:
- In the client login, revoked oauth access to all apps
- In the client login, Reset API Key
- In the developer login, modify redirect_uri
- In the developer login, completely delete exisiting app and create a new one. The new app gives the same error.
I would just like to get both the Client Login and Developer Login App reset to square one. Then I can request my access and refresh tokens and, this time, reliably store them.
Now I am receiving this error:
{"error":"invalid_grant","error_description":"expired authorization code"}
The redirect back returns a code. This code never changes. However, this code is deemed expired once I try to request an access token and refresh token. I imagine this is because the initial access token has expired and I need to use the refresh token to gain a new one. However, I do not have access to the original refresh tokens.
My question is, how to I reset this whole thing? I have tried the following in all possible combinations:
- In the client login, revoked oauth access to all apps
- In the client login, Reset API Key
- In the developer login, modify redirect_uri
- In the developer login, completely delete exisiting app and create a new one. The new app gives the same error.
I would just like to get both the Client Login and Developer Login App reset to square one. Then I can request my access and refresh tokens and, this time, reliably store them.
Lewis
First get refresh token, and yes that never expires but the access might been revoked or something. You can follow the below steps to get the refresh token then access token.
Get Refresh token (Authorization required) by using the below url
https://login.salesforce.com/services/oauth2/authorize?response_type=token&client_id=CLIENTID&redirect_uri=REDIRECT_URL
The above URL will ask for authentication, then it will give you Refresh token and access token. Save refresh token for future use. Access token will be temporary based it will last only till the time specified in session setting.
Get Access token from Refresh token (No authorization required)
https://login.salesforce.com/services/oauth2/token?grant_type=refresh_token&client_id=CLIENT_ID&refresh_token=REFRESH_TOKEN&format=json
https://xxxxxxxxx.my.salesforce.com/#access_token=00D3L0000000XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&instance_url=https%3A%2F%2Fxxxxxxxxx.my.salesforce.com&id=https%3A%2F%2Ftest.salesforce.com%2Fid%2F00D3L0000000XXXXXX%2F005XXXXXXXXXXXXXXX&issued_at=1613132254839&signature=XXXXXXXXXXX%2FXXXXXX%2FXXXX%2FXXXXXXXXXXXXXXXXXX%3D&scope=api+web&token_type=Bearer
First I cleaned up my org list using the command SFDX: Remove Deleted and Expired Orgs
Then I closed out of VS Code completely.
Re-opened VS Code.
Then I reconnected to the org that I wanted as my default org
You can get refresh token but in two steps
1. Get code : https://MYORG.my.salesforce.com/services/oauth2/authorize?response_type=code&client_id=XXXXX&redirect_uri=XXX&state=mystate
2. Use the code to get refresh token : granttype = authorization_code pass code as parameter remember code can be used only once check the documentation then you will get refresh token. Also the connected all scope should have refresh token