function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
CosminCCosminC 

Google Authentication using Auth Provider / Named Credential not working

Hello,

I have setup an Authentication Provider and Named Credential to authenticate to Google (specifically Google Calendar), this has worked fine in Sandbox for the past 2 weeks (and is still authenticated as I write this, using a free Gmail account). The problem came when I needed to replicate this in production, where I'm using the same settings though adjusted with the production domain url for the callback. Now the Named Credential fails to authenticate. The error I get is Remote_Error: invalid_request

If I edit the Sandbox Named Credential which is currently authenticated and click save to start the auth flow again, then I get the same error in the Sandbox environment, however that one stays authenticated even after that (same if I use the Test-Only Initialization URL inside Auth.Provider)

I have also tried using a different Gmail account with a new project in the google console, different client secret and id, but I got the same error.

My authentication provider is using Open ID Connect as Provider Type. I have also tried using Google as provider type however I get a different error: Id_Token_Error: Missing id_token

User-added image
User-added image
User-added image
User-added image

Any help would be kindly appreciated.
Thanks,
Cosmin
Best Answer chosen by CosminC
CosminCCosminC
I find it sad that we're not allowed to post developer questions in the Salesforce support section, to receive real support on any issue we might have, instead being redirected to this sorry excuse of a developer forum where noone's capable of answering a simple question.

Anyway I solved the above on my own, there was an "openid" scope missing in the Named Credential.

All Answers

CosminCCosminC
I find it sad that we're not allowed to post developer questions in the Salesforce support section, to receive real support on any issue we might have, instead being redirected to this sorry excuse of a developer forum where noone's capable of answering a simple question.

Anyway I solved the above on my own, there was an "openid" scope missing in the Named Credential.
This was selected as the best answer
Chris MenteerChris Menteer
yeah, i agree, this is BS
Mohammed SiddiqueMohammed Siddique
@CosmiC, What was the issue exactly you were facing, I'm facing the same issue. I don't understand where do I add/update "openid" Can you please elaborate so I can make the same changes. Your help is appreciated Thank you.
Indy KissoondyalIndy Kissoondyal
Heads up for the future-- I had this same issue with the missing id_token. Then tried with the Open ID as Provider type for the authentication provider. I ended up going with Open ID instead of Google as the provider. Make sure that the URL has no capitalization. Fixed that and double check this guide https://help.salesforce.com/articleView?id=000239696&type=1 and that should do it. 
Swagat TalsaniaSwagat Talsania
The answer that CosminC provided is what I was looking for as well. "openid" was missing in the Default Scope for the Auth. Provider.
Jean-Luc VanhulstJean-Luc Vanhulst
To be specific for someone else coming here like I did.
In the SCOPE field of the NAME CREDENTIAL - ADD openid (and then after that your google credential) so mine looks like:

User-added image
And ... it works!