mintotsai@dev.jasmine

Identity URL returns Bad_OAuth_Token

When using the Identity URL, I have a client who is getting Bad_OAuth_Token. The same code works in the same instance for other clients. The instance is na16.

The code is:
static public String protocolAndHost {
        get {
            if (protocolAndHost == null) {
                //memoize
                String orgId = UserInfo.getOrganizationId();
                String userId = UserInfo.getUserId();
                String sessionId = UserInfo.getSessionId();

                //use getSalesforceBaseUrl within batches and schedules (not Visualforce), and fix inconsistent protocol
                if (sessionId == null) return Url.getSalesforceBaseUrl().toExternalForm().replace('http:', 'https:');

                PageReference pr = new PageReference('/id/' + orgId + '/' + userId);
                pr.getParameters().put('oauth_token', sessionId);
                pr.getParameters().put('format', 'json');

                //within test context use url class, else derive from identity api
                String data = Test.isRunningTest() ? '{"urls": {"rest": "' + Url.getSalesforceBaseUrl().toExternalForm() + '"}}' : pr.getContent().toString();
                Map<String,Object> result = (Map<String,Object>)Json.deserializeUntyped(data);
                Map<String,Object> urls = (Map<String,Object>)result.get('urls');

                //compose pod from the REST endpoint
                Url rest = new Url((String)urls.get('rest'));
                protocolAndHost = rest.getProtocol() + '://' + rest.getHost();
            }

            return protocolAndHost;
        }
    }


The error returned is:
403 status code return from request to https://na16.salesforce.com/id/00Dj0000001tO6KEAU/005j000000BYfmLAAT?format=json&oauth_token=00Dj0000001tO6K%21AQwAQHsiQOYRd7vpLI2.iY0vRYMzUbbiXUkZQiLdx593O2hxAbtIrbjU3TfYa6KTNPBAeVA.Pg3pUQQOrWlJgbsbG7ppWcU8&inline=1
An unexpected error has occurred. Your solution provider has been notified.

Please help!
Naga (Salesforce Developers)
Hi mintotsai@dev.jasmine,

Can you please provide me with the affected org id and the date on which this error was encountered, so that we can try to check in our internal tools and update you on the same?

Best Regards
Naga kiran
mintotsai@dev.jasmine
Hi Naga,

The affected org is 00Dj0000001sold. 

After further research, I found that the error is caused by the Spring '15 Session Setting: Lock sessions to the domain in which they were first used.

Thanks for your help.
juan mora
I disabled the "Lock sessions to the domain in which they were first used"

Is there any counter issue related to that?

Thanks
Mohsin.Raza
Hi - I know this is a very old post, but we are facing a similar problem on our org. When using the Identity URL from a VF page, we are getting an HTTP 403 error, but it works fine when we execute the same directly in the browser. Also, it's working for only one user, and for every other user on the same org we are getting an HTTP 403 error. The user that this is working for does not even have a Salesforce admin profile. It's not working for users having a Salesforce admin profile. Any help on this will be greatly appreciated.

Thanks - Mohsin