Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Confusion on refresh token flow
See original GitHub issueI’m looking at this code in the jsforce docs about the access/refresh token flow:
var conn = new jsforce.Connection({
oauth2 : {
clientId : '<your Salesforce OAuth2 client ID is here>',
clientSecret : '<your Salesforce OAuth2 client secret is here>',
redirectUri : '<your Salesforce OAuth2 redirect URI is here>'
},
instanceUrl : '<your Salesforce server URL (e.g. https://na1.salesforce.com) is here>',
accessToken : '<your Salesforrce OAuth2 access token is here>',
refreshToken : '<your Salesforce OAuth2 refresh token is here>'
});
conn.on("refresh", function(accessToken, res) {
// Refresh event will be fired when renewed access token
// to store it in your storage for next request
});
Does jsforce automatically catch expired access tokens and refresh them? Or does my connection need some extra catch when it makes a query()? Should I manually call conn.refreshToken() every time I make a connection?
The reason I ask is because I periodically receive errors from jsforce about expired access tokens and invalid grants. With the code above, are those just notifications to be aware of, or are they actual errors caused by users being unable to refresh their access tokens? jsforce doesn’t make it clear when it’s actually validating and refreshing tokens.
Sorry if that’s a little vague, I’m still trying to wrap my head around how this needs to be structured within express and my client-side app
Issue Analytics
- State:
- Created 5 years ago
- Reactions:2
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
One more thing, if you are using a sandbox URL, you are going to need to explicitly set the loginURL (inside OAuth2 object) to
https://test.salesforce.com. Otherwise JSFORCE will default to usinghttps://login.salesforce.com/.Yes, if refreshToken and oauth2 client/secret information is given in constructor.
No.
No.
The
refreshevent of the connection is typically used for updating the access token information which is usually kept in some persistent store. It is automatically called when the access token becomes invalid and refresh token flow is completed, with the newly obtained access token information in the argument.You don’t have to implement the event handler, but without it, it would always run refresh token flow in the first API access, because the access token initially obtained quickly becomes obsolete within a few hours.