I'm having an issue with connecting a 3rd party mobile application that leverages javascript to attain the correct Access_Control_Allow Headers for CORS compliance.   I've setup the application in the CORS whitelist using the following pattern:  http://localhost:8100.  I also tried adding the IP address, but I kept on getting an error related to an improper URL format..  The request includes the following:
The request I'm sending is the same request specified in your document, except that it's using JSON. 
{
"grant_type": "password",
"client_id": "3MVG9hq7jmfCuKffUGdcgE1wherSAQLAa3y9rRfgcW_YgB_hgO6BQdyiio_StTcQj8MSolSDxjpUuEksqx5Sp",
"client_secret": "677911424197059408",
"username": "cwdevelopmentdev@contentwatch.com",
"password": "CWDev123qbSN0DkczmlvOJie2kOJfy9fA"
}
 
The response I'm expecting is something like this:
 
{
 "access_token": "00D2C0000000pWC!AQIAQAAzmEc49tiyu6YZor4NL20KhLWwPu3EsFCs6O2.sXuuGHH0zkRHAwFrIFf.3Cen_k5vnSL1FuJ9apUeBPuE9AY18h8y",
 "instance_url": "https://cs59.salesforce.com",
 "id": "https://test.salesforce.com/id/00D2C0000000pWCUAY/0052C000000GLK5QAO",
 "token_type": "Bearer",
 "issued_at": "1476201662859",
 "signature": "rEW13KGMOcjLc2GyhJpArqDIz8Ue+B7iHLTpNROFg/Y="
}
 
 
But the important thing about the response is the headers. Here is the set of headers I currently get on the response: 
 
Cache-Control →no-cache, no-store
Content-Encoding →gzip
Content-Type →application/json;charset=UTF-8
Date →Tue, 11 Oct 2016 16:01:02 GMT
Pragma →no-cache
Strict-Transport-Security →max-age=31536000; includeSubDomains
Transfer-Encoding →chunked
X-ReadOnlyMode →false
 
The headers that I'm missing look something like this: 
 
Access-Control-Allow-Headers →Origin, Content-Type, Accept, Pragma, Cache-Control, If-Modified-Since, Authorization 
Access-Control-Allow-Methods →OPTIONS, GET, POST,  PUT 
Access-Control-Allow-Origin →*
 
Can you provide any feedback about why I'm not getting the Access-Control-Allow-Headers, methods and Origin values?

Thanks

 

Hi, I'm running into an issue with getting an access token using a connected app with grant_type = password.  Here is my curl script:

curl https://test.salesforce.com/services/oauth2/token -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=password" -d "client_id=<my client_id>" -d "client_secret=<my client_secret>" -d "username=<myusername@domain.com>" -d "<my password+secret>"

I'm getting an invalid_grant error  "Authentication failure" 
 

Hi, I'm running into an issue with getting an access token using a connected app with grant_type = password.  Here is my curl script:

curl https://test.salesforce.com/services/oauth2/token -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=password" -d "client_id=<my client_id>" -d "client_secret=<my client_secret>" -d "username=<myusername@domain.com>" -d "<my password+secret>"

I'm getting an invalid_grant error  "Authentication failure" 
 

Hi, I'm running into an issue with getting an access token using a connected app with grant_type = password.  Here is my curl script:

curl https://test.salesforce.com/services/oauth2/token -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=password" -d "client_id=<my client_id>" -d "client_secret=<my client_secret>" -d "username=<myusername@domain.com>" -d "<my password+secret>"

I'm getting an invalid_grant error  "Authentication failure"