Apex Code Development You need to sign in to do that
Don't have an account?
Screen OAuth Callback Fails at RemoteAccessauthorizationPage.apexp with My Domain URL
Hi Chatter Gurus,
We've created an OAuth 2.0 application that works perfectly against the standard SFDC environment using the basic (non-customized) developer and production environments. We point the web application to point to login.salesforce.com URL for authorization of the remote application and everything works perfectly from point of "Allow" of the authentication through to the callback where we store token information etc. in our application for future requests. This works as designed.
Our customer has a my domain URL configured through SFDC, i.e.: https://na8.salesforce.com/help/doc/en/domain_name_overview.htm
The problem is that there is some issue is happening with the application when it is deployed to or customer's environment. There is a problem in the OAuth application shortly after the customer user logs in for the OAuth application authentication which is causing the complete OAuth flow to fail. Here's the flow after our application is deployed to the client and we've verified the application is started and all standard system checks pass as working:
- Our OAuth web client application calls for an authorization url by pointing to the base URL of login.salesforce.com
- User clicks on the new authorization URL and an OAuth windows appears for login.salesforce.com
- the user logs in at the login.salesforce.com login page
- The user is presented with the allow or deny application page
- The user "Allows" authorization of the Remote Access application
At the last step, once the user clicks "Allow", the URL in the address bar of the OAuth authorization window changes to the customer's company "My Domain" URL, for example,
...and the callback fails. At this point we are hoping the discussion boards can lend some insight.
We are not APEX developers per se, so we are not sure if the RemoteAccessAuthorizationPage.apexp page is something custom our customer has developed or if this is something standard with some SFDC configuration we are not aware of.
There are NO error messages returned to the OAuth client application. We are not sure what log to ask the client to refererence if there is one that can be referenced for this failed OAuth Flow.
We have been unable to replicate the error in our test environments.
If someone could lend some insight to the issue abve that would be greatly appreciated.
Cheers,
Christian
We had the same symptom "Insufficient Privileges" at /setup/secur/RemoteAccessAuthorizationPage.apexp. The cause was that "Generate new password and notify user immediately" was unchecked during the user creation step. That user had no password as yet, and could not manually approve OAuth applications. Not even with a System Administrator profile. Not even when using "Login As".