Apex Code Development You need to sign in to do that
Don't have an account?
janir renew access token in angular cli (web browser) (either with or without refresh token)
Hi,
I have implemented an angular cli app which is currently running in localhost and I have several connections to Salesforce instances. I am using oauth2 to authorize the app. Currently I am getting the refresh token to the app and when the access token expires I renew it with the refresh token.
Here I hit a CORS issues:
ERROR_HTTP_400: Access Declined
I am using jsforce with the proxyUrl setting for the connection but still getting the error.
I get the same error if I make a direct http call and not using jsforce.
It works for other authenticated calls, in those I don't get the CORS issue.
Any idea how to fix this ?
If I don't have the refresh token (implicit flow), how do I renew the access token ? It would be better not to have the refresh token in the browser but I couldn't figure out any other way of getting a new access token when it expires.
Does Salesforce support silent authentication like described here: https://www.scottbrady91.com/OpenID-Connect/Silent-Refresh-Refreshing-Access-Tokens-when-using-the-Implicit-Flow
-Jani
I have implemented an angular cli app which is currently running in localhost and I have several connections to Salesforce instances. I am using oauth2 to authorize the app. Currently I am getting the refresh token to the app and when the access token expires I renew it with the refresh token.
Here I hit a CORS issues:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://login.salesforce.com/services/oauth2/token. (Reason: CORS header 'Access-Control-Allow-Origin' missing).The funny thing is that I can see in the network tab that it makes the call and it returns me the new access token but in the console I get error:
ERROR_HTTP_400: Access Declined
I am using jsforce with the proxyUrl setting for the connection but still getting the error.
I get the same error if I make a direct http call and not using jsforce.
It works for other authenticated calls, in those I don't get the CORS issue.
Any idea how to fix this ?
If I don't have the refresh token (implicit flow), how do I renew the access token ? It would be better not to have the refresh token in the browser but I couldn't figure out any other way of getting a new access token when it expires.
Does Salesforce support silent authentication like described here: https://www.scottbrady91.com/OpenID-Connect/Silent-Refresh-Refreshing-Access-Tokens-when-using-the-Implicit-Flow
-Jani