stackoom
  简体   繁体   中英

how to refresh or revoke OAuth2.0 access/refresh_token, when no refresh token available?

 原文  2012-05-16 22:25:56       salesforce/ oauth-2.0

Question

I was working in my sandbox environment trying to figure out the Chatter API calls - I had saved my refresh token during my testing but it was lost sometime later.

Now when I try to hit the API I am receiving the following error:

"expired access/refresh token"

How do I get around this now? I do not have a refresh token so i cannot make a request to refresh my token, and i'm not sure how to expire / delete / revoke it via the UI so that I can proceed with my testing.

my cUrl call is as follows: 

curl
    --form client_id=3MVG92.u...2KycWe
    --form client_secret=668...930
    --form grant_type=password
    --form username=mike....com
    --form password=*#()@*#$@
    --proxy 127.0.0.1:3128 --insecure
  https://test.salesforce.com/services/oauth2/token

Things I have tried:

  • Reset my password
  • Delete remote access and create a new one with new client_id / secret
  • Reset my security token

Does anyone know how to expire the token or get a new refresh token via the API or UI in salesforce?

2 answers

solution1
 4 ACCPTED  2012-05-18 22:36:00

To revoke access from the UI, click on the following in the menu at the top right of Salesforce: Your Name | Setup | My Personal Information | Personal Information and clicking Deny

More info here: https://na12.salesforce.com/help/doc/en/remoteaccess_about.htm

What scope are you using? If you specify a scope (like 'api'), you'll need to explicitly request a refresh token by also specifying 'refresh token' in your scope (space delimited). More info on scopes here: https://na12.salesforce.com/help/doc/en/remoteaccess_oauth_scopes.htm

Unlike Google , Salesforce will provide the refresh token multiple times, regardless of whether the user has just approved the app or not.

I've been playing around with this using Google's OAuth playground . You can click the gear at the top right and specify the values for Salesforce's services. Authorization endpoint: https://login.salesforce.com/services/oauth2/authorize Token endpoint: https://login.salesforce.com/services/oauth2/token Client ID/secret: from Salesforce's 'consumer' key/secret info in the Remote access Config

You'll need to use 'https://code.google.com/oauthplayground/' as your callback URL in your app configuration.

solution2
 0  2015-05-04 18:55:47

This can be done in your account under:

My Settings | Select Personal | Advanced User Details | OAuth Connected Apps

Exact steps at salesforce can be found here

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Refresh token in Oauth2.0 No refresh_token in SalesForce OAuth Response Ruby OAuth with Salesforce not getting refresh_token How to refresh access_token in OAuth 2.0 in salesforce Salesforce Refresh Token OAuth Get refresh_token for Connected App in SalesForce what are the sizes of access_token and refresh_token in Microsoft Identity platform scenarios and if reasonable, should it be stored in the DB? Trying to understand OAuth2 refresh_token flow - keep getting invalid_grant Why dont i get a new refresh token when i refresh access token in Salesfroce? OAuth Refresh Token Process for salesforce SDK
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM