+ Start a Discussion
James (CloudAnswers)James (CloudAnswers) 

OAuth paramater "immediate" is not obeyed

I am using the web server oauth2 flow and have an application that lets a user connect 2 salesforce orgs to my application (which is Python/Django).  I found that if the user authenticates org 1 they come back to my app and when we try to send them to authenticate org 2 it automatically redirects them back to my site (the callback url) with the credentials for org 1.

 

Unfortunately, that means they have to log out of each org to set up the connection for the next one.  Is there a way to always prompt the user when they hit the oauth approval page instead of immediatly bouncing them back immately?  I tried changing the "state" parameter too but no luck - it just assumes if you've been authenticated for one org that you have to go back to that one if you're still logged into it.  The immediate parameter is defaulted to false and i even explicitly tried to set it with no luck.  I just want it to get that prompt page so you can get the option to log out and login as a new org.

 

Thoughts?

SuperfellSuperfell

In the remote access settings for your oauth client id there's the option "no user appoval required", make sure that's no checked.

James (CloudAnswers)James (CloudAnswers)

Not checked since Jan 4

James (CloudAnswers)James (CloudAnswers)

One work-around I've been hesitant to put in place, but is certainly an option in there is official way to make it work, is to iframe the logout page on the last page they see on my site before they leave to approve my app - so they are forced to login when reaching salesforce: https://login.salesforce.com/secur/logout.jsp

 

Not ideal - but in case anyone else is having a problem, that's one work-around for it.  :)

alithom39alithom39

did you ever come up with a solution? I'm having the exact same issue.