Forum Discussion

lzapart's avatar
lzapart
New Contributor III
8 years ago

SalesForce - REST API with OAUTH2 Token Auto Refresh Issue

Hi,

Is anyone using REST Get snap with Salesforce instance using OAUTH2 account? I am having trouble with keeping my Account tokens up to date. I am able to connect and receive an Access Token and a Refresh Token on my account using the Account “Refresh” button. But SF does not provide me back a “Access token expiration” time. Apparently per SnapLogic support, I cannot enable “auto refresh token” on the account so the token can refresh without an expiration date on the token. I have to manually every hour open my account settings in Snaplogic account and hit “Refresh” to receive a new refresh and access tokens. If not, my snap step returns error “Session expired or invalid”,“errorCode”:“INVALID_SESSION_ID” in all of my pipelines. It’s very frustrating and redundant having to do this multiple times a day.

Is there a way to pass thru a expiration token time to the account? Or is there a way I can force a token refresh each time my pipeline runs without my input?

My use case is, SF snaps do not give us ability to access rich functionality such as getdeleted() or getupdated() on SF objects. These logs contain hard deleted items per object (when the object is replicated in SF) and we use these logs to keep the data in synch in our DB without having to re-download hundreds of millions of records per object every hour which is not possible. This log data is not accessible through SOQL as far as I can see and they are not in the recycle bin (hence hard deleted) so standard snaps don’t work for this.

Example of REST Get service url for hard deleted item logs:
https://instance#.salesforce.com/services/data/v39.0/sobjects/AccountTeamMember/deleted/?start=2017-09-13T00:00:00-00:00&end=2017-09-15T00:00:00-00:00

SF documentation: Developer SF REST API - GetDeleted()

Another way of getting these results from what I have read is to use REST API QueryAll() functionality in SF. But it uses same Account configuration.

Any help of feedback is much appreciated.

14 Replies

  • bhupender_singh's avatar
    bhupender_singh
    New Contributor III

    Thanks @lzapart for helping. Those who are struggling in getting refresh_token from SalesForce, make sure the connected app in SalesForce has Selected OAuth Scopes as follwoing:

    Full access (full)
    Perform requests on your behalf at any time (refresh_token, offline_access)

    Then using postman make a request to get new access_token with your client_id and client secret with scope as refresh_token:

    Use that refresh_token in pipeline shared by @lzapart along with client_id and client secret to get access_token.

    • flavia_sarah's avatar
      flavia_sarah
      New Contributor II

      Thanks @bhupender.singh for your input, which was still helpful to me even after a year. 🙂
      I was facing the same issue in Oauth2 Account, as it wasn’t auto-refreshing the token for me, and I was reluctant on taking the whole REST POST Snap approach.

      In SFDC App, I had only Selected OAuth Scopes as “Full access (full)”, now I tried selecting both:

      1. Full access (full)
      2. Perform requests on your behalf at any time (refresh_token, offline_access)

      and generated the Client ID and Client Secret which I then used in the Snaplogic Oauth2 account. It works for me now! 🙂
      Will keep posted on any other observations. Thanks again!

      • KTsnap's avatar
        KTsnap
        New Contributor III

        Hi, Could you please let us know what have you given in callback url at salesforce end. We are getting the below error while clicking on “authorize” in snaplogic salesforce oauth2 account.

        error=redirect_uri_mismatch&error_description=redirect_uri%20must%20match%20configuration

  • Can you file a ticket with Support please? We can definitely take a look.

    • lzapart's avatar
      lzapart
      New Contributor III

      Hi,

      Yes, the issue still exists for me. I already talked with support but did not get any solution to this issue and I was wondering if anyone else has issues using the “auto refresh” Salesforce token for a OAUTH2 account in SnapLogic. Support tells me I cannot auto refresh an account token without a token expiration date on the account so I’m stuck.

      • lprais's avatar
        lprais
        New Contributor

        Hi Izapart,

        I came to the same requirement where i need to get access_token and refresh_token from Salesforce using the OAuth 2. I am able to get access_token value and access_token_expiration shows as -1, which i am assuming that access_token never expires. But i am not able to get the refresh_token.
        How you had configured the Salesforce account in order to get the refresh_token in your case.

        Any help is appreciated.

        Thanks

  • christwr's avatar
    christwr
    Contributor III

    Any thoughts on securing those credentials better if they’re not in an actual “account”?