SalesForce OAuth failed with {“error_description”:“authentication failure”,“error”:“invalid_grant”} response

3
votes

Can't setup SalesForce OAuth for a week with the same error. Don't have any idea anymore :(

What I did:

  1. Create account in salesforce
  2. Create New App, get security key and secret to use in my WebApp
  3. Send GET request to https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=%s&redirect_uri=%s
  4. The request above redirects me to the login page, when I log in
  5. Got the code in my app
  6. Send POST request to https://login.salesforce.com/services/oauth2/token with grant_type, client_id, client_secret, redirect_uri and code form parameters.
  7. Receive HTTP 400 with JSON below: {"error_description":"authentication failure","error":"invalid_grant"}

Guys, please, tell me what am I doing wrong? When I use PostMan google plugin with all my credentials all works fine, but when I do requests locally - receive error: {"error_description":"authentication failure","error":"invalid_grant"}

IP relaxation set to Relax IP restrictions callback_uri is with HTTPS

May it be that my IP blocked by SalesForce? Have no idea except this :(

1
authenticationsalesforce
for (6) ensure you're setting the correct content-type HTTP header.superfell
are you doing 6 manually? Maybe taking too long? I think the token is only valid for tens of secondsBrad Tofel
I also have this issue. I know for a fact it is not the authorization code expiring because if I leave it to retry the request for several minutes, eventually I get a different error message saying that the code has expired. This makes me think there is a setting in salesforce preventing the login.Mike

1 Answers

1
votes

Step 1: Create an account. You can create a (free) developer account at developer.salesforce.com Step 2: Ignore all the landing pages and getting started crap. It’s an endless marketing loop. Step 3: Click the “Setup” link

Step 4: In the lefthand toolbar, under “Create”, click “Apps”

Step 5: Under “Connected Apps” click “New”

Step 6: Fill out the form. Important fields are marked below (you can leave the rest blank)

Step 7: Be advised that Salesforce has crappy availability.

Step 8: Press continue. You finally have your key (client id) and secret (client secret).

Step 9: But wait! You’re not done yet.

Make sure IP restrictions are disabled as well, and make sure that Permitted Users is set to “All users may self-authorize.” If you’re concerned about disabling security, don’t be for now, you just want to get this working for now so you can make API calls. Tighten permissions once you have everything working, one at a time, so you can figure out what setting is giving you authentication errors.

Step 10: Celebrate! This curl call should succeed: curl -v https://login.salesforce.com/services/oauth2/token -d “grant_type=password” -d “client_id=YOUR_CLIENT_ID_FROM_STEP_8″ -d “client_secret=YOUR_CLIENT_SECRET_FROM_STEP_8″ -d “[email protected]” -d “[email protected]” Notes: - You shouldn’t be doing password authorization if you’re building a multi-tenant app, where users need to authorize their own application. Use the Oauth2 workflow for that.

Follow This tutorial.this will solve your login queries.

http://www.calvinfroedge.com/salesforce-how-to-generate-api-credentials/