+ Start a Discussion
msreekmdreammsreekmdream 

salesforce1 app - oauth error using my domain

Tried login to salesforce using the new saleforce1 app after entering my domain url in settings , this correctly redirects to our internal SSO page and after authentication on redirect back to salesforce.com, getting oauth error- remote access authorization error . Click on

'Are you not XYZ? link ,takes to grand permission auath page, click on allow login to salesforce.com. Not sure why this is happening, anyone else has the same issue?

 

 

Sonam_SFDCSonam_SFDC

 

Are you able to login to Salesforce 1 after clicking on Allow ? SSO should ideally be working fine with Salesforce 1 without any issues or errors.

 

Pls let me know and I would like to investigate this further..

 

 

msreekmdreammsreekmdream

I am able to login after clicking on allow, but it gives the same prompt again, next time when I login. Is this an expected behaviour? if so, why is it giving remote authorization error first and then showing the allow/deny permission screen later?  This is not even the standard oauth behaviour.

msreekmdreammsreekmdream

any suggestions?

Sonam_SFDCSonam_SFDC

Hi,

 

I have reached out to my internal mobile experts to get the possible troubleshooting steps we can try - Will soon update you. 

riffindusriffindus
Hi,

I am facing this issue when trying to login to Salesforce1. Do you have any update on it?

msreekmdreammsreekmdream
Hi all,

Finally solved this issue with the help of salesforce support.

Turned out salesforce1 sends a relaystate to Idp and if you dont echo back the relaystate exactly as it was sent to you, it will give remote oauth error.

In case of salesforce1 mobile app, this relaystate parameter is a very large url with some base64 encoded value at the end , In our case,during redirect to our Idp , part of it was getting lost . 

Compare relaystate that salesforce send to you and what you are giving back to salesfore after authentication.

Hope this helps
sree
riffindusriffindus
I don't know how to get relaystate and compare it. can you please elaborate the process.

Aariff
sfdc admindevsfdc admindev
Hi All,

Do we have any solution for this issue? I have been facing the same issue.Please let me know how to fix this issue.
Thanks,
Kumar
riffindusriffindus
Hi Kumar,

we had a peculiar problem. i am not sure, whether it is same for you. anyhow i will explain the work around/solution here.

we were getting remote authorisation error on our ipad ion salesforce1 aap. on further investigation, if you have your login page open for a long time, and try to login, you will get this error. so close the app, reopen it and try logging in, it will let you login,

Aariff