无法从Salesforce获取刷新令牌
[英]Not getting refresh token from Salesforce
问题描述
I have been using Force.com Toolkit for .NET for long time. 
我已经将Force.com Toolkit用于.NET很长时间了。 Recently one of a client has started complaining for session invalid issue. 最近,一位客户开始投诉会话无效问题。 So I started digging up and found that I have to refresh token by calling TokenRefreshAsync for which I need to pass on refresh token which I get during authentication. 因此,我开始进行挖掘,发现我必须通过调用TokenRefreshAsync来刷新令牌, 为此我需要传递在身份验证期间获取的刷新令牌。 But I am getting null refresh token from SF. 但是我从SF获取空刷新令牌。
I have tried everything possible thing I found on the internet without any success. 我尝试了在互联网上找到的所有可能的尝试,但都没有成功。 Perform requests on your behalf at any time (refresh_token, offline_access) is added in OAuth Scopes: OAuth范围中随时添加了代表您执行请求(refresh_token,offline_access) :
Refresh token expiry is set at 2 days: 刷新令牌的有效期设置为2天:
This is the simple code I am using to authenticate: 这是我用来验证的简单代码:
var task = authClient.UsernamePasswordAsync(consumerKey, consumerSecret, username, password, callback);
task.Wait();
What am I missing here? 我在这里想念什么?
1 个解决方案
解决方案1
2 已采纳 2019-05-22 22:58:59
The Username-Password Oauth Flow does not provide a refresh token on Salesforce, regardless of scopes: 无论范围如何, 用户名-密码Oauth流都不会在Salesforce上提供刷新令牌:
This OAuth authentication flow passes the user's credentials back and forth.
If you want a refresh token, you'll need to implement a different OAuth flow (preferable!), or eschew the refresh token and reauthenticate when your access token expires. 如果您需要刷新令牌,则需要实施其他OAuth流(首选!),或者避免访问刷新令牌并在访问令牌过期时重新进行身份验证。 The latter makes you vulnerable to credential and security token changes on the part of the authenticated user, however, which using a more suitable OAuth flow grants resilience against. 后者使您容易受到身份验证的用户的凭据和安全令牌更改的影响,但是,使用更合适的OAuth流可以授予其弹性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.