function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
JamieGJamieG 

OAuth with Consumer Key not listed under ConnectedApps works?

Has anyone else come across this? I am able to connect to my production org with OAuth (tested via CURL) and get an access_token using a consumer key/secret that isn't listed under my Connected Apps?  It may have been a valid key/secret at one time before I joined the company but it is definitely not listed under our Connected Apps now yet I'm still able to authenticate via OAuth using it.  If change one character in the key it fails (as I would expect).

 

 

Best Answer chosen by Admin (Salesforce Developers) 
digamber.prasaddigamber.prasad

I assume the consumer key/secret you are using I believe is from production org i.e. the login url is https://login.salesforce.com. Where as you are using the same on sandbox whose login url is https://test.salesforce.com. That is the reason you got the error.

 

Could you please try the same consumer key/secret on your own developer sandbox whose login url is https://login.salesforce.com.

 

By my above statement, I meant to say consumer key/secret will work along any of org, provided the login url should be same.

 

Please let me know if you have any question/concern around this.

 

Happy to help you!

 

Regards,

Digamber Prasad

All Answers

digamber.prasaddigamber.prasad

Hi,

 

On top of my mind, I can get remember that if you generated consumer key/secret once, any one else can use it. When salesforce recives request for oauth token using consumer key/secret, it just checks if its associate with environment or not like sandbox/production. Then next stage in authentication is having username/password authentication.

 

You can cross verify this in your dev org too. Use the same consumer key/secret in your dev org and you should be able to get access_token.

 

Let me know if it doens't work for you!

 

Happy to help you!

 

Regards,

Digamber Prasad
JamieGJamieG

>You can cross verify this in your dev org too. Use the same consumer key/secret in your dev org and you should be able to get access_token.

 

I just tried that in one of my dev sandboxes and it doesn't generate an access token. I get an error.

 

{"error_description":"expired access/refresh token","error":"invalid_grant"}
digamber.prasaddigamber.prasad

I assume the consumer key/secret you are using I believe is from production org i.e. the login url is https://login.salesforce.com. Where as you are using the same on sandbox whose login url is https://test.salesforce.com. That is the reason you got the error.

 

Could you please try the same consumer key/secret on your own developer sandbox whose login url is https://login.salesforce.com.

 

By my above statement, I meant to say consumer key/secret will work along any of org, provided the login url should be same.

 

Please let me know if you have any question/concern around this.

 

Happy to help you!

 

Regards,

Digamber Prasad

This was selected as the best answer
JamieGJamieG

I see. Yes, you're correct!  Well that helps to explain this situation. The key was probably created in another Org which is why I'm unable to see it listed under Connected Apps in my production org.

 

Thanks.
digamber.prasaddigamber.prasad

Happy that you got your answer!

 

If this post helps you, Mark it as solution and please throw a Kudos by clicking Star ***

 

Regards,

Digamber Prasad