Unable to get refresh token - OAuth issue


We are building an app which uses OAuth to authorize the user’s Salesforce account. We are facing some issue related the authorization and seems sporadic. Please find the details below.

This is the OAuth config we used in the app:

  "client_id": "XXX",
  "client_secret": "YYY",
  "authorize_url":    "https://login.salesforce.com/services/oauth2/authorize", 
 "token_url": "https://login.salesforce.com/services/oauth2/token",  "token_type": "account", 
    "scope": "api full web refresh_token offline_access"

We are getting the below errors while installing or while reauthorizing the app and it is sporadic.

We are unable to debug it from our side so requesting you to help me debug this issue further.

Please let me know if you need more details.



1 Like

We are trying to reproduce the issue and in the process of checking the platform behaviour. Sorry if this is getting delayed. I will keep you posted as soon as I have an update.

Thanks for checking this Saif, let me know if you have any update. Also, can you share the ETA so that I can inform customers based on your input?

Sorry @kannansantharam if this taking longer than it is intended to.

Our team has been working on this for a while now and unfortunately it is taking a bit longer than expected. Since this is uncertain issue we are seeing, I am not able to provide definite ETA at this point.

Hi @kannansantharam,

I have an update from my engineering team on this topic.

We found out that new tokens are saved in the platform maintained DB only after clicking the ‘save’ button. So, OAuth call made from the configuration of the app uses expired tokens and fails. But this only occurs with Freshdesk and Freshservice as they haven’t adopted the new apps gallery provided by marketplace yet.

Team is yet to decide how to proceed on from here, both for in the case of public app or an private app.

For the followers of this thread,

Problem Summary
App sees problem in refreshing the access_token with the help of refresh_token. App platform simply throws 500 error.

Upon in investigation

  1. We found that the root cause of this issue is within the Freshdesk in-product app management page.
  2. This page preserves the tokens given by the user only when ‘save’ button is pressed. User does this only once. Which is the reason app works fine until reauthorization phase kicks in.
  3. To perform OAuth, platform provides its own config file to be filled up by the app developer so that platform will perform the OAuth as needed decreasing the need to handle this mechanism by the developer.
  4. That also meant that when token has expired platform tries to refresh the access tokens automatically and fails since the newer saved ones aren’t replaced.
  5. We managed to solve this problem by updating app management page of this Freshdesk instance.
  6. We saw some hiccups happening at a later point of time. But they were a lot less than the one when non-updated app management page.
1 Like