You need to sign in to do that
Don't have an account?
Can I have refresh token with user-agent-flow?
From the documentation I think that the answer is yes:
OAuth 2.0 User-Agent Flow for Desktop or Mobile App Integration (salesforce.com)
But if I try I can't get it.
I have developed a web application that allows any user to connect with its salesforce account.
I've implemented User Agent Flow and I obtain correctly access_token and other info but I can't obtain refresh_token, even if I have the correct scopes (api, web, refresh_token, offline_access).
This is my request:
https://login.salesforce.com/services/oauth2/authorize?response_type=token&scope=refresh_token&client_id=[MY_CLIENT_ID]&redirect_uri=[MY_REDIRECT_URL]
And my redirect URL is:
http://[MYSITE].com/#/services/oauth2/success
(that corresponds to the host from where I make the call)
This call correctly gives me access_token but not refresh_token.
If I use "https" instead "http" I receive this error:
error=invalid_scope&error_description=the requested scope is not available
From the documentation, I read that
"The refresh token for the user-agent flow is only issued if you requested scope=refresh_token and one of the following scenarios is true:
....
- The redirect URL host matches the request host and includes the servlet services/oauth2/success.
..."
I think to be in this case, what am I doing wrong?
Thanks in advance
I see you also posted on https://salesforce.stackexchange.com/questions/376001/can-i-obtain-refresh-token-with-user-agent-flow
Does the comment on the post help?Thx
Thank you for your answer. I didn't receive the notifications, so I just see the comments.
I tried using this constraint:
- The redirect URL host matches the request host and includes the servlet services/oauth2/success
but I still don't receive the refresh token.
I see that anyone suggest to use the web server flow. But can I authenticate user from other organization with that flow?
Thank you in advance