+ Start a Discussion
Tew WerTew Wer 

Having a problem getting a salesforce access token. I've got a post man call that works fine, but it's not working in code

Having a problem getting a salesforce access token. Getting the access token works fine in postman, but what I'm trying to do it in C# i'm getting an error.
I've tried to doing the equivlent to what I was doing in postman but I'm not sure if getting this right.
 
var client = new HttpClient();
        string baseAddress = @"https://test.salesforce.com/services/oauth2/token";

        string grant_type = "authorization_code";
        string client_id = "client_id here";
        string client_secret = "client_secret here";
        string auth_url = "https://test.salesforce.com/services/oauth2/authorize";
        string callback_url = "https://app.getpostman.com/oauth2/callback";
        string redirect_uri = "https://app.getpostman.com/oauth2/callback";

        var form = new Dictionary<string, string>
            {
                {"grant_type", grant_type},
                {"client_id", client_id},
                {"client_secret", client_secret},
                {"auth_url", auth_url},
                {"callback_url", callback_url},
                {"redirect_uri", redirect_uri}
            };

        HttpResponseMessage tokenResponse =  client.PostAsync(baseAddress, new FormUrlEncodedContent(form)).GetAwaiter().GetResult();
        var jsonContent =  tokenResponse.Content.ReadAsStringAsync().GetAwaiter().GetResult();



This is the error I'm getting:
{ 
"error": "invalid_grant", 
"error_description":"invalid authorization code" 
}

 
Greg HGreg H
You need to include the authorization code in order to obtain the access and refresh tokens.

Presuming you are using the Webserver Authentication Flow, the authorization code would have been appended to the callback URL with a key of the string "code". That value would be what you need to include in your request for an access token.

See step #3 here https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_understanding_web_server_oauth_flow.htm
-greg
Tew WerTew Wer
Where would I get the auth code?
Greg HGreg H
It would have been appended to the callback URL after the User was authenticated. See step #3 in the link I included originally. If that is not where you are in the process then please clarify the authentication flow you are attempting to use for your application. Specifically, are you using the Web server flow, User-agent flow or Username-password flow?
-greg
Tew WerTew Wer
Looks like it would be User-Agent flow.
Tew WerTew Wer
Thanks, looks like you helped me figure it out.
Greg HGreg H
I think we may be confusing each other here...

If you are performing the User-Agent flow then your callback URL will need to be a webserver to which you have access and can extract the access_token so that it can be used in subsequent requests.

I think it may make more sense at this point to simply use the Username-password flow and format your initial request to salesforce as follows:
var form = new Dictionary<string, string>
{
    {"grant_type", "password"},
	{"client_id", client_id},
	{"client_secret", client_secret},
	{"username", your-username},
	{"password", your-password}
};
Where you will substitute an actual username and password from your Org. The endpoint will be https://test.salesforce.com/services/oauth2/token if you are using a sandbox. The response will look similar to this:
{
    "id":"https://cs90.salesforce.com/id/00Dx0000000BV7z/005x00000012Q9P",
    "issued_at":"1278448832702",
    "instance_url":"https://yourInstance.salesforce.com/",
    "signature":"0CmxinZir53Yex7nE0TD+zMpvIWYGb/bdJh6XfOH6EQ=",
    "access_token":"00Dx0000000BV7z!AR8AQAxo9UfVkh8AlV0Gomt9Czx9LjHnSSpwBMmbRcgKFmxOtvxjTrKW19ye6PE3Ds1eQz3z8jr3W7_VbWmEu4Q8TVGSTHxs"
}

You can use the access_token value provided in the API response to your request in subsequent calls and to test out your application logic further.
-greg