+ Start a Discussion
Mateusz Wolak-Książek 17Mateusz Wolak-Książek 17 

Access Token not refreshing - Named Credentials & Auth Provider

Hey,

I have following problem - I'm using named credentials with auth provider to send offline conversion to Google Ads.

 

My auth provider setup:

Provider Type - Open ID Connect
Name - Google API
URL Suffix - Google_API
Consumer Key - ***.apps.googleusercontent.com
Authorize Endpoint URL - https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent
Token Endpoint URL - https://www.googleapis.com/oauth2/v4/token
Default Scopes - openid 

 

My named credential setup:

Url - https://adwords.google.com/api/adwords/cm/v201809/OfflineConversionFeedService

Scope - openid https://www.googleapis.com/auth/adwords
Generate Authorization Header - checked

 

My app at google contains redirect_uri from salesforce and in "APIs & Services" I have enabled "Google Ads API".

 

When I edit named credential and "Start Authentication Flow on Save" and enter my google credentials, my integration works for 1 hour. I receive 200 and can see that Google Adwords received my data.

After na hour I receive;

"System.CalloutException: Web service callout failed: WebService returned a SOAP Fault: [AuthenticationError.OAUTH_TOKEN_INVALID @ ; trigger:'<null>'] faultcode=soap:Client faultactor="

 

When I reauthenticate in named credentials once again it start to again work for another hour.

Have you got guys any ideas what I'm doing wrong?

bharath kumar 52bharath kumar 52
Hi,

Can you try using a refresh token?
I am sure there's a way to generate a refresh token using google's connected app since the auth provider is google. Let me know if thhis helps.

Thanks,
Bharath
Mateusz Wolak-Książek 17Mateusz Wolak-Książek 17

Hey,

I could, but I don't really know how to get refresh token using named credentials and auth provider? Is it even possible? And even when I would have it, how would I use it in SOAP integration using named credentials & auth provider?

We have similar integration with google analytics and everything works well, but there is another named credential with different endpoint and scope - there is scope - openid https://www.googleapis.com/auth/analytics.readonly.

 

 

Mateusz Wolak-Książek 17Mateusz Wolak-Książek 17

Oh, and I have tried also this https://help.salesforce.com/articleView?id=000313355&type=1&mode=1 - but my dummy request does not even work - no matter how many times I try to invoke integration after an hour from authentication - all the times it returns

NAMED_CREDENTIAL_RESPONSE|NamedCallout[Name=Google_AdWords, Status Code=500]
EXCEPTION_THROWN|[333]|System.CalloutException: Web service callout failed: WebService returned a SOAP Fault: [AuthenticationError.OAUTH_TOKEN_INVALID @ ; trigger:'<null>'] faultcode=soap:Client faultactor=

 

Mateusz Wolak-Książek 17Mateusz Wolak-Książek 17
any idea guys? :(