如果没有可用的刷新令牌,如何刷新或撤销OAuth2.0 access / refresh_token?
[英]how to refresh or revoke OAuth2.0 access/refresh_token, when no refresh token available?
问题描述
I was working in my sandbox environment trying to figure out the Chatter API calls - I had saved my refresh token during my testing but it was lost sometime later. 
我正在沙盒环境中工作,试图弄清楚Chatter API调用 - 我在测试期间保存了我的刷新令牌,但之后丢失了。
Now when I try to hit the API I am receiving the following error: 现在,当我尝试命中API时,我收到以下错误:
"expired access/refresh token"
How do I get around this now? 我现在如何解决这个问题? I do not have a refresh token so i cannot make a request to refresh my token, and i'm not sure how to expire / delete / revoke it via the UI so that I can proceed with my testing. 我没有刷新令牌,所以我无法请求刷新我的令牌,我不知道如何通过UI过期/删除/撤销它,以便我可以继续我的测试。
my cUrl call is as follows: 我的cUrl电话如下:
curl
--form client_id=3MVG92.u...2KycWe
--form client_secret=668...930
--form grant_type=password
--form username=mike....com
--form password=*#()@*#$@
--proxy 127.0.0.1:3128 --insecure
https://test.salesforce.com/services/oauth2/token
Things I have tried: 我尝试过的事情:
- Reset my password 重置我的密码
- Delete remote access and create a new one with new client_id / secret 删除远程访问并使用新的client_id / secret创建一个新的远程访问
- Reset my security token 重置我的安全令牌
Does anyone know how to expire the token or get a new refresh token via the API or UI in salesforce? 有没有人知道如何通过salesforce中的API或UI获取令牌或获取新的刷新令牌?
2 个解决方案
解决方案1
4 已采纳 2012-05-18 22:36:00
To revoke access from the UI, click on the following in the menu at the top right of Salesforce: Your Name | 要撤消用户界面的访问权限,请单击Salesforce右上角菜单中的以下内容:您的姓名| Setup | 设置| My Personal Information | 我的个人信息| Personal Information and clicking Deny 个人信息,然后单击拒绝
More info here: https://na12.salesforce.com/help/doc/en/remoteaccess_about.htm 更多信息: https : //na12.salesforce.com/help/doc/en/remoteaccess_about.htm
What scope are you using? 你在用什么范围? If you specify a scope (like 'api'), you'll need to explicitly request a refresh token by also specifying 'refresh token' in your scope (space delimited). 如果指定范围(如“api”),则需要通过在范围中指定“刷新令牌”(空格分隔)来显式请求刷新令牌。 More info on scopes here: https://na12.salesforce.com/help/doc/en/remoteaccess_oauth_scopes.htm 有关范围的更多信息,请访问: https : //na12.salesforce.com/help/doc/en/remoteaccess_oauth_scopes.htm
Unlike Google , Salesforce will provide the refresh token multiple times, regardless of whether the user has just approved the app or not. 与Google不同 ,Salesforce将多次提供刷新令牌,无论用户是否刚刚批准了该应用。
I've been playing around with this using Google's OAuth playground . 我一直在使用谷歌的OAuth游乐场玩这个游戏 。 You can click the gear at the top right and specify the values for Salesforce's services. 您可以单击右上角的齿轮并指定Salesforce服务的值。 Authorization endpoint: https://login.salesforce.com/services/oauth2/authorize Token endpoint: https://login.salesforce.com/services/oauth2/token Client ID/secret: from Salesforce's 'consumer' key/secret info in the Remote access Config 授权端点: https : //login.salesforce.com/services/oauth2/authorize令牌端点: https : //login.salesforce.com/services/oauth2/token客户端ID /机密:来自Salesforce的“消费者”密钥/秘密信息在远程访问配置中
You'll need to use 'https://code.google.com/oauthplayground/' as your callback URL in your app configuration. 您需要在应用配置中使用“https://code.google.com/oauthplayground/”作为回调网址。
解决方案2
0 2015-05-04 18:55:47
This can be done in your account under: 这可以在您的帐户中完成:
My Settings | Select Personal | Advanced User Details | OAuth Connected Apps
Exact steps at salesforce can be found here 可以在此处找到salesforce的确切步骤
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.