Sign Up ›
  • Debargha Ganguly
  • NEWBIE
  • 0 Points
  • Member since 2022
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 0
    Questions
  • 2
    Replies
15 replies

{ "error" : "invalid_grant", "error_description" : "user hasn't approved this consumer"}

I have to use Oauth JWT flow to got the access token but while i execute my code then it show me following error,
  
{
     "error" : "invalid_grant",
     "error_description" : "user hasn't approved this consumer"
}

I setup all the related things like create the App and upload the certificate and also create the currect JWT token as per doc Here
and post the following request for access token,
  
HttpPost httpPost = new HttpPost("https://login.salesforce.com/services/oauth2/token");
httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer"));
params.add(new BasicNameValuePair("assertion", clientAssertion));			
httpPost.setEntity(new UrlEncodedFormEntity(params));
HttpResponse response = httpClient.execute(httpPost);

And I also accept the application and related permission by following request,

https://login.salesforce.com/services/oauth2/authorize?client_id=3MVG9ZL0ppGP5UrDITkMBDGuTYGHeynoEt40ZRWCcaYsycFHYDcm2LnqukCNurLNx33LH1c.0rrfG8VrQaqri&redirect_uri=https://localhost/myapp&response_type=code     

I think I done all the things to get the access token but I M GETTING ERROR.
Could you please somebody help me for solving this problem.
Thank You. 
9 replies

Is it required to change OAuth endpoints based on custom domain?

We have done integration between .net application and Salesforce.

Currently we are using the primary OAuth endpoints from .net application for authentication:

For production:

For authorization: https://login.salesforce.com/services/oauth2/authorize
For token requests: https://login.salesforce.com/services/oauth2/token
For revoking OAuth tokens: https://login.salesforce.com/services/oauth2/revoke

For sandbox:

Instead of https://login.salesforce.com used https://test.salesforce.com
    
If I want to integrate .net application with a salesforce org on which custom domain has set up then do I need to change the above urls based on custom domain for each such org?

Can anyone please suggest what are the best practices for handling this?

Thanks in advance.We have done integration between .net application and Salesforce.

Currently we are using the primary OAuth endpoints from .net application for authentication:

For production:

For authorization: https://login.salesforce.com/services/oauth2/authorize
For token requests: https://login.salesforce.com/services/oauth2/token
For revoking OAuth tokens: https://login.salesforce.com/services/oauth2/revoke

For sandbox:

Instead of https://login.salesforce.com used https://test.salesforce.com
    
If I want to integrate .net application with a salesforce org on which custom domain has set up then do I need to change the above urls based on custom domain for each such org?

Can anyone please suggest what are the best practices for handling this?

Thanks in advance.